1.3. A Look at Managing Certificates (Non-TMS)
A conventional PKI environment provides the basic framework to manage certificates stored in software databases. This is a non-TMS environment, since it does not manage certificates on smart cards. At a minimum, a non-TMS requires only a CA, but a non-TMS environment can use OCSP responders and KRA instances as well.
For information on this topic, see the following sections in Red Hat Certificate System Planning, Installation, and Deployment Guide (Common Criteria Edition):
- Managing Certificates
- Using a Single Certificate Manager
- Planning for Lost Keys: Key Archival and Recovery
- Balancing Certificate Request Processing
- Balancing Client OCSP Requests
