Today we are pleased to announce the release of Red Hat Certificate System 9.1 and Red Hat Directory Server 10.1, both supported on Red Hat Enterprise Linux 7.3.

Red Hat Certificate System, based on the open source PKI capabilities of the Dogtag Certificate System, is designed to provide Certificate Life Cycle Management (i.e. to issue, renew, suspend, revoke, archive/recover, and manage the single and dual-key X.509v3 certificates needed to handle strong authentication, single sign-on, and secure communications).

Red Hat Directory Server is an open source LDAP-compliant server that centralizes application settings, user profiles, group data, policies, and access control information in a network-based registry based on the 389 Directory Server project. The Red Hat Directory Server simplifies user management by eliminating data redundancy and automating data maintenance. Red Hat Directory Server also improves security, enabling administrators to store policies and access control information in the directory for a single authentication source across enterprise or extranet applications.

What’s New in Red Hat Certificate System 9.1

Certificate System 9.1 has introduced

the following new features and updates towards making the system increasingly robust and flexible:

  • The new Java-based Token Processing System (TPS) is now fully supported.
    • Red Hat Certificate System 9.1 replaces the Apache HTTPD-based TPS with a Java Tomcat-based TPS. The new Java-based TPS retains feature parity with the existing C-based implementation and provides a new user interface for better user experience.
  • Global Platform 2.1.1 in the TPS is now fully supported.
    • The latest version of Global Platform has been included and supported in the version of TPS that comes with Red Hat Certificate System 9. TPS is now able to provision cards that support newer versions of Global Platform and the latest cryptographic operations. In particular, the gp211 applet has been introduced and provides support for Secure Channel Protocol 02 (SCP02). SCP02 has been tested with SafeNet Smart Card 650.
  • Certificate System now supports setting SSL ciphers for individual installation.
    • Previously, if an existing Certificate Server had a customized cipher set that did not overlap with the default ciphers used during the installation, a new instance could not be installed to work with existing instances. Now, Certificate System 9.1 enables you to customize the SSL cipher using a two-step installation, which avoids this problem.

What’s New in Red Hat Directory Server 10.1

Directory Server 10.1 has introduced the following new features and important updates to make managing the directory service and its data easier and more secure:

  • The set-up of Red Hat Directory Server can now be completed even if the FQDN (fully qualified domain name) cannot be strictly resolved.
  • The Directory Console now supports additional operating systems. The full list of supported systems is now:
    • Red Hat Enterprise Linux 7.3
    • Microsoft Windows 8.1 and Microsoft Windows 10
    • Microsoft Windows Server 2012 and Microsoft Windows Server 2012 R2
  • Access, Error and Audit log files are now displayed separately in the Administration Server Console.
    • With this update, each log file (i.e. the Access log, Error log, and the newly added Audit log) is displayed separately with an appropriate title, which is clearer and more precise.

Additional Information

For additional information on Red Hat Certificate System or Red Hat Directory Sever please visit their respective pages in the Red Hat Customer Portal: