How To Install pki-tools.x86_64 on Amazon Linux 2

In this tutorial we learn how to install pki-tools.x86_64 in Amazon Linux 2. pki-tools.x86_64 is Certificate System - PKI Tools

Introduction

In this tutorial we learn how to install pki-tools.x86_64 on Amazon Linux 2.

What is `pki-tools.x86_64`

This package contains PKI executables that can be used to help make Certificate System into a more complete and robust PKI solution. This package is a part of the PKI Core used by the Certificate System. ================================== || ABOUT “CERTIFICATE SYSTEM” || ================================== Certificate System (CS) is an enterprise software system designed to manage enterprise Public Key Infrastructure (PKI) deployments. PKI Core contains ALL top-level java-based Tomcat PKI components * pki-symkey * pki-base * pki-base-python2 (alias for pki-base) * pki-base-python3 * pki-base-java * pki-tools * pki-server * pki-ca * pki-kra * pki-ocsp * pki-tks * pki-tps * pki-javadoc which comprise the following corresponding PKI subsystems * Certificate Authority (CA) * Key Recovery Authority (KRA) * Online Certificate Status Protocol (OCSP) Manager * Token Key Service (TKS) * Token Processing Service (TPS) Python clients need only install the pki-base package. This package contains the python REST client packages and the client upgrade framework. Java clients should install the pki-base-java package. This package contains the legacy and REST Java client packages. These clients should also consider installing the pki-tools package, which contain native and Java-based PKI tools and utilities. Certificate Server instances require the fundamental classes and modules in pki-base and pki-base-java, as well as the utilities in pki-tools. The main server classes are in pki-server, with subsystem specific Java classes and resources in pki-ca, pki-kra, pki-ocsp etc. Finally, if Certificate System is being deployed as an individual or set of standalone rather than embedded server(s)/service(s), it is strongly recommended (though not explicitly required) to include at least one PKI Theme package * dogtag-pki-theme (Dogtag Certificate System deployments) * dogtag-pki-server-theme * redhat-pki-server-theme (Red Hat Certificate System deployments) * redhat-pki-server-theme * customized pki theme (Customized Certificate System deployments) * -pki-server-theme NOTE meta packages may be provided which bind a particular theme to these certificate server packages.

We can use yum to install pki-tools.x86_64 on Amazon Linux 2. In this tutorial we discuss both methods but you only need to choose one of method to install pki-tools.x86_64.

Install pki-tools.x86_64 on Amazon Linux 2 Using yum

Update yum database with yum using the following command.

sudo yum makecache --refresh

After updating yum database, We can install pki-tools.x86_64 using yum by running the following command:

sudo yum -y install pki-tools.x86_64

How To Uninstall pki-tools.x86_64 on Amazon Linux 2

To uninstall only the pki-tools.x86_64 package we can use the following command:

sudo yum remove pki-tools.x86_64

pki-tools.x86_64 Package Contents on Amazon Linux 2

/usr/bin/AtoB
/usr/bin/AuditVerify
/usr/bin/BtoA
/usr/bin/CMCEnroll
/usr/bin/CMCRequest
/usr/bin/CMCResponse
/usr/bin/CMCRevoke
/usr/bin/CMCSharedToken
/usr/bin/CRMFPopClient
/usr/bin/DRMTool
/usr/bin/ExtJoiner
/usr/bin/GenExtKeyUsage
/usr/bin/GenIssuerAltNameExt
/usr/bin/GenSubjectAltNameExt
/usr/bin/HttpClient
/usr/bin/KRATool
/usr/bin/OCSPClient
/usr/bin/PKCS10Client
/usr/bin/PKCS12Export
/usr/bin/PKICertImport
/usr/bin/PrettyPrintCert
/usr/bin/PrettyPrintCrl
/usr/bin/TokenInfo
/usr/bin/p7tool
/usr/bin/pistool
/usr/bin/pki
/usr/bin/revoker
/usr/bin/setpin
/usr/bin/sslget
/usr/bin/tkstool
/usr/share/doc/pki-tools-10.5.18
/usr/share/doc/pki-tools-10.5.18/LICENSE
/usr/share/doc/pki-tools-10.5.18/README
/usr/share/java/pki/pki-tools.jar
/usr/share/man/man1/AtoB.1.gz
/usr/share/man/man1/AuditVerify.1.gz
/usr/share/man/man1/BtoA.1.gz
/usr/share/man/man1/CMCEnroll.1.gz
/usr/share/man/man1/CMCRequest.1.gz
/usr/share/man/man1/CMCResponse.1.gz
/usr/share/man/man1/CMCSharedToken.1.gz
/usr/share/man/man1/DRMTool.1.gz
/usr/share/man/man1/KRATool.1.gz
/usr/share/man/man1/PKCS10Client.1.gz
/usr/share/man/man1/PKICertImport.1.gz
/usr/share/man/man1/PrettyPrintCert.1.gz
/usr/share/man/man1/PrettyPrintCrl.1.gz
/usr/share/man/man1/pki-audit.1.gz
/usr/share/man/man1/pki-ca-kraconnector.1.gz
/usr/share/man/man1/pki-ca-profile.1.gz
/usr/share/man/man1/pki-cert.1.gz
/usr/share/man/man1/pki-client.1.gz
/usr/share/man/man1/pki-group-member.1.gz
/usr/share/man/man1/pki-group.1.gz
/usr/share/man/man1/pki-key.1.gz
/usr/share/man/man1/pki-pkcs12-cert.1.gz
/usr/share/man/man1/pki-pkcs12-key.1.gz
/usr/share/man/man1/pki-pkcs12.1.gz
/usr/share/man/man1/pki-securitydomain.1.gz
/usr/share/man/man1/pki-tps-profile.1.gz
/usr/share/man/man1/pki-user-cert.1.gz
/usr/share/man/man1/pki-user-membership.1.gz
/usr/share/man/man1/pki-user.1.gz
/usr/share/man/man1/pki.1.gz
/usr/share/pki/java-tools
/usr/share/pki/java-tools/DRMTool.cfg
/usr/share/pki/java-tools/KRATool.cfg
/usr/share/pki/native-tools
/usr/share/pki/native-tools/setpin.conf

References

pki-tools.x86_64 website

Summary

In this tutorial we learn how to install pki-tools.x86_64 on Amazon Linux 2 using yum.