ProductsServer Desktop & Workstation Developer Subscriptions Satellite OpenStack Platform For IBM POWER For SAP Business Applications Management For Scientific ComputingExtended Update Support High Availability High Performance Network Load Balancer Resilient Storage Scalable File System Smart Management Extended Lifecycle SupportA-MQ Accelerate Automate Integrate Application Platform BPM Suite BRMS JBoss community or Red Hat JBoss Middleware Data Grid Data Virtualization Developer Studio Portfolio Edition Fuse Fuse Service Works Operations Network Portal Web Framework Kit Web Server
SolutionsWhy Red Hat Why open hybrid cloud? The new IT Public cloud Cloud resource library Private cloud Infrastructure-as-a-Service (IaaS) Platform-as-a-Service (PaaS) Cloud applications and workloadsSolaris to Red Hat Enterprise Linux Migration overview Migrate from your UNIX platform How to migrate to Red Hat Enterprise Linux Upgrade to the latest Red Hat Enterprise Linux release Red Hat JBoss Middleware Benefits of migrating to Red Hat Enterprise Linux Migration services Start a conversation with Red Hat
TrainingPopular and new courses Red Hat JBoss Administration curriculum Core System Administration curriculum Red Hat JBoss Middleware development curriculum Advanced System Administration curriculum Linux Development curriculum Cloud Computing, Virtualization, and Storage curriculum
ConsultingSOA and integration Business process management Custom Software Development Enterprise Data and Storage Systems management Migrations
Red Hat Certificate System 7.3 Now Available
May 21, 2007
by Security Team
Today we are pleased to announce the general availability of Red Hat Certificate System 7.3. Containing a highly configurable set of software components and tools for creating, deploying and managing certificates, Red Hat Certificate System is a powerful security framework to guarantee the identity of users and ensure privacy of communications. Based on open standards for certificate management, Certificate System provides a complete, customizable, robust, scalable and high-performance certificate management solution for public-key infrastructure (PKI), extranets and intranets.
The release boasts multiple new features:
- Registration Authority (RA)
A front-end subsystem to the Certificate Authority (CA), the RA performs local authentication, requestor information gathering and request validation. It is also responsible for forwarding requests to the CA for signing.
- Simple Certificate Enrollment Protocol (SCEP)
A protocol designed by Cisco, SCEP specifies a way for a router to communicate with RAs and CAs for enrollment. Red Hat Certificate System 7.3 enables routers to enroll for a certificate from an RA using this protocol.
- Auto-Enrollment Proxy (AEP)
Designed to integrate seamlessly with an existing Windows Active Directory (AD) infrastructure, the AEP allows users and computers in a Microsoft Windows domain to automatically enroll for certificates issued from Red Hat Certificate System.
- Security Officer (SO) mode
Smart Card Manager, in conjunction with the latest TPS Server software, now supports a special “Security Officer” mode of operation. This special mode, presented as an alternative to the standard user centric experience, allows a supervisory individual (e.g. Security Officer), the ability to oversee the face-to-face enrollment of regular users in a given organization.
- In addition to Windows and Red Hat Enterprise Linux, the Enterprise Security Client (ESC) now supports Intel MAC 10.4.x.
Use of certificates with Red Hat Enterprise Linux 5:
Red Hat Certificate system can be used together with smart cards to increase the level of authentication security. Red Hat Certificate System can create and manage an end user’s certificate which is stored on a smart card.
The end user can insert his smart card into a smart card reader attached to a Red Hat Enterprise Linux 5 system. The end user then authenticates with his/her PIN and smartcard to gain access. The system can leverage this smart card authentication to generate a Kerberos ticket for the user that enables single-sign on to kerberos-aware applications like SSH, SCP and Fedora Directory server. Firefox and Thunderbird can use the end-user’s certificate to perform SSL client authentication to a web server that supports this.
For more information on Red Hat products, including the Red Hat Certificate System and Red Hat Enterprise Linux 5, visit here.