Usage Examples of Public Key Infrastructure

This section provides some usage examples of PKI (Public Key Infrastructure), like HTTPS (Hypertext Transfer Protocol Secure) protocol, digital signature, encryption of documents, digital identification.

The most popular usage example of PKI (Public Key Infrastructure) is the HTTPS (Hypertext Transfer Protocol Secure) protocol. HTTPS is a combination of the HTTP (Hypertext Transfer Protocol) and SSL/TLS (Secure Sockets Layer/Transport Layer Security) protocols to provide secure identification of a Website and encrypted communication.

In HTTPS, the Web server's PKI certificate is used by the browser for two purposes:

Here is a simple illustration of using PKI in HTTPS communication:

PKI to Secure Website Communications
PKI to Secure Website Communications

There are 3 major activities illustrated in the diagram:

1. Installing CA (Certificate Authority) root certificate - The browser vendor receives the CA root certificate from the CA, and distributes it as part of the browser installation package.

2. Installing Website certificate - The Website owner sends a certificate request to the CA. The CA, acting as the RA, verifies the Web server identity, and signs (or issues) the Website certificate. The owner then installs the certificate on the Website server.

3.1. Validating Website certificate - An end user visits the Website with the browser and receives a copy of the Website certificate. The browser then acts as the VA and validates it against the pre-installed CA root certificate.

3.2. Securing Website Communications (not shown in the diagram) - If the Website certificate is valid, the browser will use it to share an encryption key with the Website. After that, all communications between the browser and the Website will be encrypted.

Other usage examples of PKI (Public Key Infrastructure) are:

Table of Contents

 About This Book

Introduction of PKI (Public Key Infrastructure)

 What Is PKI (Public Key Infrastructure)

Usage Examples of Public Key Infrastructure

 Most Popular Certificate Authorities

 Introduction of PKI Certificate

 PKI Certificate File Formats

 OpenSSL - Cryptography Toolkit

 "openssl ca" - CA (Certificate Authority) Tool

 Java "keytool" Commands and KeyStore Files

 PKI Certificate Store

 PKCS12 Certificate Bundle File

 PKCS7 Certificate Chain File

 PKI Certificate Related Terminology

 References

 Full Version in PDF/EPUB