On Mon, 2017-03-27 at 11:32 +0100, Turbo Fredriksson wrote: > I'm looking into setting up DogTag in my infrastructure, and I was > wondering if it’s > possible to scale it (for redundancy) behind a load balancer? > > > I’m looking at implementing the CA and the RA. Possibly the OCSP and > DRM > as well, but I’m not sure I need them - loose the private key, create > a new is > the base I’m working from at the moment. > > About the OCSP it say “which takes the load of CAs”, which seems > roughly what > I need, although the “load” part isn’t really what I’m after. There > will be very little > load, but redundancy is a huge issue… > > I’m trying to understand the architecture of Dogtag, but I haven’t > seen any architecture > drawings or design document as of yet. > A good place to start to answer these questions is by looking at thee Deployment Guide for Red Hat Certificate System.
https://access.redhat.com/documentation/en-US/Red_Hat_Certificate_Syste m/9/html/Planning_Installation_and_Deployment_Guide/index.html RHCS is essentially Dogtag plus a subscription for support. The main redundancy mechanism is cloning. Ade > > _______________________________________________ > Pki-users mailing list > [email protected] > https://www.redhat.com/mailman/listinfo/pki-users _______________________________________________ Pki-users mailing list [email protected] https://www.redhat.com/mailman/listinfo/pki-users
