What are the elements for making a PKI?
Private and Public Keys
PKI uses these asymmetric key pairs to establish and secure an encrypted connection over the network.
Public Key Certificates
These are issued by Certificate Authorities and prove the ownership of a public key. They attest to the authenticity of the keyholder.
Certificate Authorities
Certificate Authorities, or CAs, are trusted entities that verify the organization and generate digital certificates, which contain information about the organization as well as the public key of that organization. The digital certificate is signed with the private key of the Certificate Authority. This digital certificate can also serve as the identity of the organization and verify it as the owner of the public key.
Certificate Repository
This is a location where all certificates are stored, along with their public keys, validity details, revocation lists, and root certificates. These locations are accessible through LDAP, FTP or web servers.
Automating PKI Operations
Automated operations help in issuing, revoking, and renewing certificates. They are done through certificate management software. A PKI is created to provide robust security, and if these tasks aren't automated, or if even one invalid or revoked certificate is out there and brings productivity or the network to a halt, the result may be catastrophic.
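The kind of check certificate management software automates, as an added example that is not from the original page: it triages a certificate inventory against a revocation list and a renewal window. The record layout, host names, serial numbers, the 30-day window and the status precedence are all assumptions constructed for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

@dataclass(frozen=True)
class CertRecord:              # hypothetical inventory row, not a real tool's schema
    subject: str
    serial: str                # hex string, in whatever form the exporting tool printed it
    not_before: datetime
    not_after: datetime

def norm_serial(s: str) -> int:
    """Compare serials as integers: '0A:1B', '0a1b' and 'a1b' are the same serial."""
    return int(s.replace(":", "").replace(" ", ""), 16)

URGENCY = {"revoked": 0, "expired": 1, "not_yet_valid": 2, "renew": 3, "ok": 4}

def triage(inventory, crl_serials, now, renew_window=timedelta(days=30)):
    """Return (subject, status) pairs, most urgent first."""
    revoked = {norm_serial(s) for s in crl_serials}
    results = []
    for cert in inventory:
        if norm_serial(cert.serial) in revoked:
            status = "revoked"             # revocation wins even when the dates are fine
        elif now > cert.not_after:
            status = "expired"
        elif now < cert.not_before:
            status = "not_yet_valid"
        elif cert.not_after - now <= renew_window:
            status = "renew"               # still valid, but due for renewal
        else:
            status = "ok"
        results.append((cert.subject, status))
    return sorted(results, key=lambda r: URGENCY[r[1]])

def _d(y, m, d):
    return datetime(y, m, d, tzinfo=timezone.utc)

# Constructed sample data (not real certificates).
NOW = _d(2024, 6, 1)
INVENTORY = [
    CertRecord("CN=www.example.test", "0A:1B", _d(2023, 7, 1), _d(2024, 7, 1)),
    CertRecord("CN=mail.example.test", "2c", _d(2023, 5, 1), _d(2024, 5, 1)),
    CertRecord("CN=vpn.example.test", "3D", _d(2024, 1, 1), _d(2024, 6, 20)),
    CertRecord("CN=api.example.test", "4e", _d(2024, 3, 1), _d(2025, 3, 1)),
    CertRecord("CN=new.example.test", "5F", _d(2024, 7, 1), _d(2025, 7, 1)),
]
CRL = ["a1b"]                  # same serial as "0A:1B", printed differently

if __name__ == "__main__":
    for subject, status in triage(INVENTORY, CRL, NOW):
        print(f"{status:14} {subject}")
```

Normalizing serials before comparison matters because a string mismatch between the revocation list and the inventory would silently leave a revoked certificate marked as valid.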