First, make sure that you have dogtag instance configured.
ls /var/log/pki/pki-tomcat
Should see ca and possibly kra.
Check that dogtag is running:
ps -ef |grep java |grep pki-tomcat
Check that you can list certificates:
pki -P https -h `hostname
-p 8443 -d /etc/httpd/alias/ cert-find`
Check that you can issue a cert through the REST API:
Check that you can list keys (for a KRA):
Check that you can issue a cert through the ipa client:
Check that you can store a key through the IPA client: