PKI Main Page
Welcome to the home page for the Dogtag Certificate System! We went live on March 19, 2008. Read the Red Hat announcement here, and Bob Lord's blog post here.
On this site you will find everything you need to join the Dogtag community. Whether you are just looking for help and advice deploying and using Dogtag components, or you want to take a more active role and help shape the future of PKI, there are mailing lists and discussion channels for you to read or join.
The Dogtag Certificate System is an enterprise-class open source certificate authority (CA). It is a full-featured system, and has been hardened by real-world deployments. It supports all aspects of certificate lifecycle management, including key archival, OCSP, smartcard management, and much more. The Dogtag Certificate System can be downloaded for free and set up in less than an hour.
Dogtag is a collection of technologies that allow enterprises to deploy PKI on a large scale. It has features such as:
- Certificate issuance, revocation, retrieval
- CRL generation, publishing
- Certificate profiles
- Simple Certificate Enrollment Protocol (SCEP)
- Local Registration Authority (LRA) for organizational authentication and policies
- Encryption key archival and recovery
- Smartcard lifecycle management
- Token Profiles
- Token enrollment, on-hold, key recovery, format
- Face-to-Face enrollment with the security officer workstation interface
- Extensive documentation
For more, see the Features page.
What can you do?
New users may wish to check out the Users section. To run or deploy a Certificate System using pre-built components, see the:
If the user's interest is development, view the Developers section. To build a Certificate System, see the:
Additional ideas may be found in the following sections:
Join our community and help shape the future of Dogtag! Here are some links to get you started:
Team, History, and Contributors
The Dogtag technology has roots that go back over 10 years. Here is some background: