New Training: Implement PKI
In this 8-video skill, CBT Nuggets trainer Keith Barker describes and demonstrates components that make up the Public Key Infrastructure (PKI). Watch this new Cyber Security training.
Watch the full course: Implementing Secure Network, Cloud, and Mobile Solutions Training
This training includes:
- 8 videos
- 1.3 hours of training
You’ll learn these topics in this skill:
- Intro to Implementing PKI
- Public and Private Key Review
- Certificate Types and Uses
- Certificate Attributes
- CA Options
- CSRs and Certificate Encoding
- Bad Certificates
- Quiz and Review
What is the Public Key Infrastructure
The public key infrastructure (PKI) is a broad concept that is used to secure network communication. The internet is a common example of something that uses the PKI. It's due to the public key infrastructure that computers can communicate with web servers through encrypted channels.
To get an idea of how the PKI works, let's look at how an HTTPS connection is established between a computer and a web server.
When a computer navigates to a website through its browser (assuming that website is SSL/TLS enabled), the web browser establishes a four-way handshake with that web server. First, the webserver looks at the security certificate for the website. It uses that certificate to confirm the identity of the webserver and that it is who it says it is. After the identity of that web server is verified, the web browser sends an encrypted message to the webserver using the public encryption key found in the server’s security certificate. Once the webserver responds confirming everything, the webserver and web browser decide on an encryption key unique to that specific conversation to speak with each other securely.
The PKI infrastructure is the entire scope of that process. It includes all of the software and hardware that make it work from the certificate authorities who issue security certificates to websites, to the standards used for the encryption process, to the web servers and browsers that use it.