ProductsDesktop Server For Scientific Computing For IBM POWER For IBM System z For SAP Business Applications Red Hat Network Satellite ManagementExtended Update Support High Availability High Performance Network Load Balancer Resilient Storage Scalable File System Smart Management Extended Lifecycle SupportDeveloper Studio Portfolio Edition Web Framework Kit Application Platform Web Server Data Grid Portal Platform Red Hat JBoss A-MQ Red Hat JBoss Fuse SOA Platform Business Rules Management System (BRMS) Data Services Platform Messaging JBoss Operations Network JBoss Community or JBoss enterprise
SolutionsApplication development Business process management Enterprise application integration Interoperability Operational efficiency Security VirtualizationSolaris to Red Hat Enterprise Linux Migration overview Migrate from your UNIX platform How to migrate to Red Hat Enterprise Linux Upgrade to the latest Red Hat Enterprise Linux release JBoss Enterprise Middleware Benefits of migrating to Red Hat Enterprise Linux Migration services Start a conversation with Red Hat
TrainingPopular and new courses Red Hat JBoss Administration curriculum Core System Administration curriculum JBoss Middleware Development curriculum Advanced System Administration curriculum Linux Development curriculum Cloud Computing, Virtualization, and Storage curriculum
ConsultingBusiness Process Management Cloud and Virtualization Custom Software Development Enterprise Data and Storage Systems Management Migrations
Red Hat Certificate System 7.3 Now Available
May 21, 2007
by Security Team
Today we are pleased to announce the general availability of Red Hat Certificate System 7.3. Containing a highly configurable set of software components and tools for creating, deploying and managing certificates, Red Hat Certificate System is a powerful security framework to guarantee the identity of users and ensure privacy of communications. Based on open standards for certificate management, Certificate System provides a complete, customizable, robust, scalable and high-performance certificate management solution for public-key infrastructure (PKI), extranets and intranets.
The release boasts multiple new features:
- Registration Authority (RA)
A front-end subsystem to the Certificate Authority (CA), the RA performs local authentication, requestor information gathering and request validation. It is also responsible for forwarding requests to the CA for signing.
- Simple Certificate Enrollment Protocol (SCEP)
A protocol designed by Cisco, SCEP specifies a way for a router to communicate with RAs and CAs for enrollment. Red Hat Certificate System 7.3 enables routers to enroll for a certificate from an RA using this protocol.
- Auto-Enrollment Proxy (AEP)
Designed to integrate seamlessly with an existing Windows Active Directory (AD) infrastructure, the AEP allows users and computers in a Microsoft Windows domain to automatically enroll for certificates issued from Red Hat Certificate System.
- Security Officer (SO) mode
Smart Card Manager, in conjunction with the latest TPS Server software, now supports a special “Security Officer” mode of operation. This special mode, presented as an alternative to the standard user centric experience, allows a supervisory individual (e.g. Security Officer), the ability to oversee the face-to-face enrollment of regular users in a given organization.
- In addition to Windows and Red Hat Enterprise Linux, the Enterprise Security Client (ESC) now supports Intel MAC 10.4.x.
Use of certificates with Red Hat Enterprise Linux 5:
Red Hat Certificate system can be used together with smart cards to increase the level of authentication security. Red Hat Certificate System can create and manage an end user’s certificate which is stored on a smart card.
The end user can insert his smart card into a smart card reader attached to a Red Hat Enterprise Linux 5 system. The end user then authenticates with his/her PIN and smartcard to gain access. The system can leverage this smart card authentication to generate a Kerberos ticket for the user that enables single-sign on to kerberos-aware applications like SSH, SCP and Fedora Directory server. Firefox and Thunderbird can use the end-user’s certificate to perform SSL client authentication to a web server that supports this.
For more information on Red Hat products, including the Red Hat Certificate System and Red Hat Enterprise Linux 5, visit here.