pds-it
['Product detail page','no']
IT security / cybersecurity
'
All trainings
/
IT Security
/
Cybersecurity
The illustrations were created in cooperation between humans and artificial intelligence. They show a future in which technology is omnipresent, but people remain at the center.
AI-generated illustration

Public key infrastructures (PKI) - setup and administration

Set up and manage certificates, CAs and policies

Online
2 days
German
Download PDF
€ 1.490,-
plus VAT.
€ 1.773,10
incl. VAT.
Booking number
36169
Venue
Online
3 dates
€ 1.490,-
plus VAT.
€ 1.773,10
incl. VAT.
Booking number
36169
Venue
Online
3 dates
Become a certified
Machine Learning Engineer
This course is part of the certified Master Class "Machine Learning Engineer". If you book the entire Master Class, you save over 15 percent compared to booking this individual module.
To the Master Class
In-house training
In-house training just for your employees - exclusive and effective.
Inquiries
In cooperation with
In cooperation with
ITech Progress
Understand and implement PKI professionally: In this PKI course, you’ll learn the basics of cryptography, plan and operate a secure Microsoft PKI, and set up a multi-level Certification Authority (CA) yourself.
Contents

Public-key infrastructures (PKI) form the foundation for trusted digital communication. Digital certificates enable the reliable authentication of systems, services, and users, as well as the encryption and signing of data—both on the internet and within corporate networks.

In this PKI course, you will gain the knowledge needed to understand, plan, and securely operate PKI environments. You will learn the basics of encryption, digital signatures, and certificates, and discover how public key infrastructures are used in modern IT environments.

Through hands-on setup of a multi-tier Microsoft PKI environment, you will work with certification authorities (CAs), certificates, and related services. By the end of the Public Key Infrastructure course, you will be able to plan, implement, and reliably operate a PKI in your own environment.

 

Day 1

1. Introduction:

  • The Issue – Why Do We Actually Need PKI?
  • Historical Development
  • Legal aspects

 

2. Cryptographic Fundamentals:

  • Symmetric and asymmetric encryption methods
  • Digital Signatures
  • Post-quantum cryptography – Quantum computers: the new challenge

 

3. Authentication:

  • multi-factor authentication
  • One-time passwords
  • Kerberos
  • Public key certificates

 

4. PKI Foundation:

  • Certificates, Types, Certificate Requirements
  • Certificate Revocation List
  • Policies
  • Certification paths

 

5. PKI components:

  • Certification Authority (CA)
  • Registration Authority (RA) Public Key Infrastructures (PKI) form the foundation for trusted digital communication. Digital certificates enable the reliable authentication of systems, services, and users, as well as the encryption and signing of data—both on the Internet and within corporate networks.
  • In this PKI course, you will gain the knowledge needed to understand, plan, and securely operate PKI environments. You will learn the basics of encryption, digital signatures, and certificates, and discover how public key infrastructures are used in modern IT environments.
  • Through hands-on setup of a multi-tier Microsoft PKI environment, you will work with Certification Authorities (CAs), certificates, and related services. By the end of the course, you will be able to plan, implement, and reliably operate a PKI in your own environment.
  • Repository
  • Archive
  • Certificate holder
  • Relying Party

 

6. PKI Architectures:

  • Standalone CA, Enterprise CA, Offline CAs
  • Hierarchical infrastructures (multi-level CAs)
  • Cloud-based CAs
  • Cross-certification
  • Bridges CA

 

7. Verification:

  • Construction and verification of certification paths
  • Chain of Trust

 

8. certificate revocation list (CRL)

  • Contents
  • Creating and distributing CRLs

 

9. Directories:

  • X.500, LDAP

 

10. X.509 certificates:

  • ASN.1 types
  • Basic Content (V1)
  • Extensions (V3)
  • Use

 

11. Trust, Procedures, Policies:

  • Certificate Policies (CP)
  • Certificate Practice Statement

 

12. Applications:

  • Web: SSL/TLS
  • e-mail: S/MIME
  • IPsec
  • VPN
  • Co-design

 

13. Requesting Certificates:

  • Certificate Signing Request
  • OpenSSL
  • Web interface
  • Certificate Templates (Microsoft Enterprise CA)
  • GPOs
  • ACME (Automated Certificate Management Environment)
     

Day 2: Practical day

Implementation of a two-tier certification authority (CA), comprising:

  • Standalone Offline Root CA (on Windows Server)
  • Underlying Enterprise (AD-based) Sub-CA (iCA), Online
  • What is configured differently if only a single-tier CA environment (Enterprise Root CA) is used?
  • Use of the CaPolicy.inf file
  • Complete and correct revocation list configuration (CRL), including configuration of an online responder
  • Configuration of certificate templates
  • Configuration of automatic certificate request, distribution and renewal using GPOs
  • Configuration and Setup of SSL/TLS Certificates
  • Certificate revocations
  • Special configurations: archiving private keys, setting up certificate agents, etc.
  • Monitoring of Certification Authorities (CAs)
  • Backing Up and Restoring CAs
  • Using command-line tools (e.g., certutil.exe) and PowerShell to configure and manage CAs
  • Tips and tricks for setting up and troubleshooting Microsoft PKI systems

 

Requirements: 

A basic understanding of encryption is helpful.

Your benefit
  • Understanding the fundamentals of modern cryptography, as well as how symmetric and asymmetric encryption methods, digital signatures, and future cryptographic developments work
  • Understanding the architecture, components, and functioning of a public-key infrastructure (PKI), as well as its use in securing digital systems and services
  • Identifying common challenges and risks in the planning and operation of PKI environments, and applying best practices to prevent misconfigurations
  • Evaluating potential use cases for PKI in internal, external, and cloud-based infrastructures
  • Designing secure PKI architectures, taking into account certification authorities, certificate hierarchies, chains of trust, and policies
  • Understanding the structure of digital certificates and defining certificate content, certificate policies, and lifecycles
  • Classify key PKI applications such as TLS/SSL, S/MIME, VPN, IPsec, and code signing to secure communication and software
  • Planning and Implementing a Multi-Tier Microsoft PKI Environment with an Offline Root CA and Enterprise Sub CA
  • Configure, manage, and secure a Microsoft PKI, including certificate templates, certificate revocation lists (CRLs), online responders, and automated certificate distribution
  • Analyzing PKI issues and performing monitoring, maintenance, and troubleshooting in the operation of certification authorities
trainer
Thomas Kohler
Methods

On the first day, you'll learn the theoretical basics of Public Key Infrastructure (PKI).

The second day is structured as a workshop. Here, you can put the knowledge you’ve gained to the test in a practical setting.

Final examination
Recommended for

This PKI course is designed for system administrators, developers, security professionals, and IT architects who want to plan, implement, or operate secure applications using digital certificates.

The Public Key Infrastructure course is particularly appealing to:

  • Windows Administrators
  • Security Engineers
  • PKI Administrators
  • Zero-Trust / Identity Projects
Start dates and details

Form of learning

Learning form

11.5.2026
Online
Places free
Implementation secured
Book
Online
Places free
Implementation secured
Book
8.7.2026
Online
Places free
Implementation secured
Book
Online
Places free
Implementation secured
Book
8.10.2026
Online
Places free
Implementation secured
Book
Online
Places free
Implementation secured
Book

The training is carried out in cooperation with an authorized training partner.

The latter collects and processes data under its own responsibility. Please take note of the corresponding privacy policy

No items found.
No items found.
*Mandatory fields

Do you have questions about training?

Call us on +49 761 595 33900 or write to us at service@haufe-akademie.de or use the contact form.

The illustrations were created in cooperation between humans and artificial intelligence. They show a future in which technology is omnipresent, but people remain at the center.
AI-generated illustration
skill it logo
where tech professionals grow
Terms and conditions
Legal notice
Data Protection
Cookie settings