pds-it
['Product detail page','no']
IT security / network security
The illustrations were created in cooperation between humans and artificial intelligence. They show a future in which technology is omnipresent, but people remain at the center.
AI-generated illustration

Public key infrastructures (PKI) - setup and administration

Online
2 days
German
Download PDF
€ 1.490,-
plus VAT.
€ 1.773,10
incl. VAT.
Booking number
36169
Venue
Online
2 dates
€ 1.490,-
plus VAT.
€ 1.773,10
incl. VAT.
Booking number
36169
Venue
Online
2 dates
Become a certified
Machine Learning Engineer
This course is part of the certified Master Class "Machine Learning Engineer". If you book the entire Master Class, you save over 15 percent compared to booking this individual module.
To the Master Class
In-house training
In-house training for your Employees only - exclusive and effective.
Inquiries
In cooperation with
You will learn the theoretical basics of Public Key Infrastructure (PKI). You will then learn how to set up, correctly configure, manage, secure and troubleshoot all components of a complete PKI environment.
Contents

A public key infrastructure (PKI) is an effective tool for protecting systems and services on the Internet. Although PKI has been in development for over 20 years, it has only become a hot topic for security managers in the last few years. A major market driver is the new possibilities of digital signatures, which require a PKI.

Public key cryptography is a mature technology that forms the basis for secure protocols. A standard mechanism for the distribution of public keys was not available for a long time. Today, however, progress has been made on both sides. You no longer need to be an expert in public key cryptography to recognize its advantages. There are many different products available on the market today. This course will help you to choose the right option for you and use it successfully.

 

Day 1: Theory day

1. introduction

  • Problem definition
  • History
  • Legal aspects

2. cryptographic basics

  • Symmetric and asymmetric procedures
  • Digital signatures
  • Key Management

3. authentication

  • Password-based
  • One-time passwords
  • Kerberos
  • Public key certificates

4 PKI basis

  • Certificates
  • Certificate Revocation List
  • Policies
  • Certification paths

5. pki components

  • Certification Authority (CA)
  • Registration Authority (RA)
  • Repository
  • Archive
  • Certificate holder
  • Relying Party

6 PKI architectures

  • Single CA
  • Hierarchical infrastructure
  • Network structure
  • Cross-certification
  • Bridges CA

7. verification

  • Construction and verification of certification paths

8. certificate revocation list (CRL)

  • Contents
  • Creating and distributing CRLs

9. directories

  • X.500, LDAP

10. x.509 certificates

  • ASN.1 types
  • Basic content
  • Extensions
  • Use

11. trust, processes, policies

  • Certificate Policies (CP)
  • Certificate Practice Statement

12.applications

  • Web: SSL/TLS
  • E-mail: S/MIME
  • IPsec


Day 2: Practical day

Establishment of a two-tier certification authority environment with a stand-alone offline root certification authority

  • Establishment of an underlying Enterprise (AD-based) Online Sub Certification Authority
  • What is configured differently if only a single-tier CA environment (Enterprise Root CA) is used?
  • Use of the CaPolicy.inf file
  • Complete and correct revocation list configuration (CRL), including configuration of an online responder
  • Configuration of certificate templates
  • Configuration of automatic certificate request, distribution and renewal using GPOs
  • Correct configuration and setup of SSL certificates
  • Certificate revocations
  • Special configurations: archiving private keys, setting up certificate agents, etc.
  • Monitoring of certification authorities
  • Backup and restoration of certification authorities
  • Use of command line tools (e.g. certutil.exe) and PowerShell for the configuration and administration of Certification Authorities
Your benefit

At the end of the theory section, you will be able to,

  • formulate the architecture and components of a public key infrastructure
  • Knowing solutions to problems when setting up a public key infrastructure
  • know what to look out for when defining certificate content
  • Know about the most important standard applications

After the Public Key Infrastructure practice day, you will be able to set up, correctly configure, manage, secure and troubleshoot all the necessary components of a complete PKI environment.

trainer
Thomas Kohler
Methods

This course consists of training training and is led by a trainer who supervises the participants live. Theory and practice are taught with live demonstrations and practical exercises. The video conferencing software Zoom is used.

Final examination
Recommended for

developers and technical architects who want to set up a PKI or create protected applications. Basic knowledge of encryption is an advantage.

Start dates and details

Form of learning

Learning form

19.6.2025
Online
Places free
Implementation secured
Online
Places free
Implementation secured
22.9.2025
Online
Places free
Implementation secured
Online
Places free
Implementation secured

The training is carried out in cooperation with an authorized training partner.

The latter collects and processes data under its own responsibility. Please take note of the corresponding privacy policy

Do you have questions about training?
Call us on +49 761 595 33900 or write to us at service@haufe-akademie.de or use the contact form.