PKI GuidePublished on 22 Nov 2007
Tags #GnuPG #OpenPGP #OpenSSL #PKI #Public Key Infrastructure #X.501 #X.509
This document offers a practical introduction to Public Key Infrastructures and the fundamental technologies which are involved. After a formal outline of PKI, two popular implementations are discussed: X.509 PKI and OpenPGP PKI. Every aspect and every task is demonstrated using commands that are based either on the OpenSSL library or the GnuPG command line tool.
One of the topics I specialize in is Secure Gateway and Access Gateway. Both products require certificates to allow for a trust relationship between client and server and to allow for secure communication between these endpoints. Unfortunately, Access Gateway has introduced new challenges to this area because of the format required to import certificates and the corresponding private key.
When setting up such a secure access solution, knowledge of certificates and how to handle them is essential. I realized that most customers do not have this kind of experience in-house. Therefore, I started to create documents providing customers with the necessary information to operate the setup with regards to public key infrastructures. I quickly realized that I have some gaps to fill as well. I started investigating about cryptography and quickly realized that OpenSSL allows most concepts and processes to be reproduced. So, there is a lot of knowledge to share which I decided to do.