I have not played with it, at least not for a long long time, but you can try out the documentation pointed to from some past thread... see attached.

Regarding SCEP messages, we do not support fully, so the answer is no, not yet.

Christina

On 07/02/2014 11:27 AM, Abha Jain wrote:

Hi All,

We are looking at using Doghat CA server with Cisco routers. I had a few questions on the support included in Doghat certificate system.

I just started working on PKI, so please excuse if the questions are quite basic.

1. The Doghat system is built on top of NSS (Network Security Services). Does it have any issues working with Cisco routers as clients using SCEP? Would there be any OpenSSL and NSS interactions in this case?

2. Does Doghat support CA Certificate rollover? When CA certificate is about to expire, CA creates a shadow certificate. All the endpoints associated with that CA can then renew their ID certificates (this requires support for SCEP Messages such as GetNextCACert, GetCACaps).

Thanks in advance for your help!

-Abha
_______________________________________________
Pki-users mailing list
Pki-users@redhat.com
https://www.redhat.com/mailman/listinfo/pki-users