×

See how our services helped a Healthcare and Life Science Company better implement encryption into their infrastructure.

Learn More


    Case Study – PKI Assessment & Deployment

    27 Mar 2020

    Case Study – PKI Assessment and Deployment

    /
    Posted By

    Encryption Consulting assisted a Retail institution to implement a new PKI Infrastructure. The client was implementing a new 2016 PKI infrastructure to support their SHA-2 internal certificates as well as an accelerated migration path for all certificates. Please see the table below for full details:

    well-established PKI
    Challenge Solution Benefits
    • Root CA was nearing to its expiry
    • Root CA deployed on ADCS 2008 , nearing end of its support
    • Loss of HSM Keys to Root CA
    • Unable to sign and publish new CRL’s
    • Lack of documentation and procedures
    • No CP/CPS Policy
    • Creation of redundant ICA’s that were hardly used
    • No proper roles & responsibilities defined for PKI custodians
    • Assessment of Current PKI infrastructure
    • Designing a new PKI service based on Microsoft ADCS 2016 R2
    • Creating CP & CPS documents
    • Consolidating of Issuing CA’s from 9 to 4 ICA’s
    • Installation and configuration of HSM for storing CA & ICA keys
    • Creating Key Ceremony procedures and defining roles & Responsibilities for Key management
    • Implementing PKI hierarchy with offline Root CA and 4 Issuing CA’s connected to four domain forest
    • Validating the existing Cert templates and creating new Certificate templates to create existing and upcoming Digital certificate requirements
    • Using existing Http Server & LDAP for CDP ( CRL distribution Point)
    • A well-defined PKI system
    • Defining people, process & technology to manage PKI infrastructure
    • Consolidating and removal of redundant ICA’s thus reducing infrastructure and maintenance cost
    • Provide auditors with the required information for PKI
    • Enable support for new digital certificate demands such as MDM, VPN, and IoT requirements
    • Issuing of valid certificates for existing internal-facing web apps and valid certificate chain

    Want to learn from PKI Experts

    We train some of the biggest names in the industry through virtual & Live Classes

    Get a Free Quote for your PKI services

    Free Downloads for PKI services