A Red Hat Directory Server installation is required for the Certificate System subsystems to be installed; this directory instance maintains user information and certificate and key information. The Certificate System can be configured to publish certificates and CRLs to that directory, or other LDAP directories, for other applications to access. Certificate information published to the publishing directory must be periodically updated as certificates are issued and revoked. Updates are usually published automatically but may also be published manually.

This chapter describes the procedures for updating an LDAP directory with the current status of certificates. Only a Certificate Manager (CM) agent can publish certificates and CRLs to the directory.