Case Studies

Case Study – PKI Assessment and Deployment

Encryption Consulting assisted a Retail institution to implement a new PKI Infrastructure. The client was implementing a new 2016 PKI infrastructure to support their SHA-2 internal certificates as well as an accelerated migration path for all certificates. Please see the table below for full details:

Challenge Solution Benefits
  • Root CA was nearing to its expiry
  • Root CA deployed on ADCS 2008 , nearing end of its support
  • Loss of HSM Keys to Root CA
  • Unable to sign and publish new CRL’s
  • Lack of documentation and procedures
  • No CP/CPS Policy
  • Creation of redundant ICA’s that were hardly used
  • No proper roles & responsibilities defined for PKI custodians
  • Assessment of Current PKI infrastructure
  • Designing a new PKI service based on Microsoft ADCS 2016 R2
  • Creating CP & CPS documents
  • Consolidating of Issuing CA’s from 9 to 4 ICA’s
  • Installation and configuration of HSM for storing CA & ICA keys
  • Creating Key Ceremony procedures and defining roles & Responsibilities for Key management
  • Implementing PKI hierarchy with offline Root CA and 4 Issuing CA’s connected to four domain forest
  • Validating the existing Cert templates and creating new Certificate templates to create existing and upcoming Digital certificate requirements
  • Using existing Http Server & LDAP for CDP ( CRL distribution Point)
  • A well-defined PKI system
  • Defining people, process & technology to manage PKI infrastructure
  • Consolidating and removal of redundant ICA’s thus reducing infrastructure and maintenance cost
  • Provide auditors with the required information for PKI
  • Enable support for new digital certificate demands such as MDM, VPN, and IoT requirements
  • Issuing of valid certificates for existing internal-facing web apps and valid certificate chain

Free Downloads

Datasheet of Encryption Consulting Services

Encryption Consulting is a customer focused cybersecurity firm that provides a multitude of services in all aspects of encryption for our clients.

Encryption Services

About the Author

President at Encryption Consulting LLC focusing on providing consulting to customers in the Applied Cryptography space.

Let's talk