What are the elements for making a PKI?

  • Private and Public Keys: PKI uses an asymmetric key pair, a private key and a public key, to establish and secure an encrypted connection over the network.
  • Public Key Certificates: These are issued by Certificate Authorities and prove the ownership of a public key. They attest to the authenticity of the keyholder.
  • Certificate Authority: Certificate Authorities, or CAs, are trusted entities that verify the organization and generate digital certificates containing information about the organization, as well as the public key of that organization. The digital certificate is signed with the private key of the Certificate Authority. This digital certificate can also serve as the identity of the organization and verify it as the owner of the public key.
  • Certificate Repository: A location where all certificates are stored, along with their public keys, validity details, revocation lists, and root certificates. These locations are accessible through LDAP, FTP, or web servers.
  • Automating PKI Operations: Automation helps in issuing, revoking, and renewing certificates, and is done through certificate management software. A PKI is created to provide robust security; if these tasks aren't automated, or if even one invalid or revoked certificate is still in use, it can bring productivity or the network to a halt, which may be catastrophic.
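
The kind of check that certificate management software automates, shown as an added example (not code from the original page): a sweep over a certificate inventory that flags revoked, expired, and soon-to-expire certificates. The inventory records, field names, CA names, and the 30-day renewal window are all constructed assumptions.

```python
from datetime import datetime, timedelta, timezone

# Constructed sample inventory (not real certificates); field names are assumptions.
INVENTORY = [
    {"subject": "www.example.test", "issuer": "Example Issuing CA", "serial": "0A01",
     "not_after": "2025-07-10T00:00:00+00:00"},
    {"subject": "api.example.test", "issuer": "Example Issuing CA", "serial": "0a02",
     "not_after": "2026-01-15T00:00:00+00:00"},
    {"subject": "vpn.example.test", "issuer": "Example Issuing CA", "serial": "0a03",
     "not_after": "2026-03-01T00:00:00+00:00"},
    {"subject": "mail.example.test", "issuer": "Example Issuing CA", "serial": "0A04",
     "not_after": "2025-06-01T00:00:00+00:00"},
    # Same serial as the revoked entry but a different issuer: must NOT be flagged.
    {"subject": "lab.example.test", "issuer": "Example Lab CA", "serial": "0A03",
     "not_after": "2026-05-01T00:00:00+00:00"},
]

# Constructed revocation list. A serial number is only unique per issuing CA,
# so entries are keyed on (issuer, serial), never on serial alone.
REVOKED = {("Example Issuing CA", "0A03")}

def classify(cert, revoked, now, renew_window=timedelta(days=30)):
    """Return 'revoked', 'expired', 'renew' or 'ok' for one inventory record."""
    # Revocation is checked first: a revoked certificate is unusable even if unexpired.
    if (cert["issuer"], cert["serial"].upper()) in revoked:
        return "revoked"
    not_after = datetime.fromisoformat(cert["not_after"])
    if not_after <= now:
        return "expired"
    if not_after - now <= renew_window:
        return "renew"
    return "ok"

def sweep(inventory, revoked, now, renew_window=timedelta(days=30)):
    """Return (state, subject, serial) for every actionable cert, most urgent first."""
    urgency = {"revoked": 0, "expired": 1, "renew": 2}
    findings = []
    for cert in inventory:
        state = classify(cert, revoked, now, renew_window)
        if state != "ok":
            findings.append((state, cert["subject"], cert["serial"].upper()))
    return sorted(findings, key=lambda f: (urgency[f[0]], f[1]))

if __name__ == "__main__":
    # Fixed "now" so the constructed sample gives the same result on every run.
    for finding in sweep(INVENTORY, REVOKED, datetime(2025, 6, 20, tzinfo=timezone.utc)):
        print(*finding)
```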