Dogtag Certificate System

this document provides information regarding configuring the {{futurex}} {{vectera}} hsm with the dogtag certificate system by using {{futurex}} pkcs #11 libraries for additional questions about your hsm, see the relevant user guide about dogtag certificate system the dogtag certificate system is an enterprise class open source certificate authority (ca) it is a full featured system hardened by real world deployments it supports all aspects of certificate life cycle management, including key archival, ocsp and smartcard management, and much more you can download the dogtag certificate system for free, and find extensive documentation in the dogtag pki github wiki key features dogtag is a collection of technologies that enable enterprises to deploy a pki at a large scale it has features such as certificate issuance, revocation, and retrieval certificate revocation list (crl) generation and publishing certificate profiles simple certificate enrollment protocol (scep) local registration authority (lra) for organizational authentication and policies encryption key archival and recovery smartcard life cycle management token profiles token enrollment, on hold, key recovery, and format face to face enrollment with the security officer workstation interface for more, see the features page on the dogtag pki github wiki guardian integration the {{guard}} introduces mission critical viability to core cryptographic infrastructure, including centralization of device management elimination of points of failure distribution of transaction loads group specific function blocking user defined grouping systems see the applicable guide in the {{futurex}} portal for configuring hsms with the {{guard}} , including pkcs #11 and cng configuration