What is PKI? A Public Key Infrastructure Definitive Guide

What is PKI?

Whether you manage a handful of internal servers or millions of IoT endpoints, PKI is the system that answers a deceptively simple question: How do you know the entity on the other end of a connection is who it claims to be?

This guide covers PKI fundamentals, core components, operational mechanics, real-world applications, and the management challenges organizations face as certificate volumes grow. It is written for cybersecurity professionals who need to understand, evaluate, or optimize their PKI implementations.

Understanding PKI: Definition and Core Purpose

What PKI is and why it exists

Organizations rely on PKI to manage security through public key cryptography, enabling authentication, data integrity, and confidentiality. At its core, PKI solves the problem of trust between participants in networks and distributed systems. Before PKI, systems depended on shared secrets (i.e. passwords and symmetric keys) that just are not scalable and introduced single points of compromise.

PKI emerged in the 1990s to address this trust gap. By shifting from shared keys to public/private key pairs, PKI provided a scalable mechanism for confidentiality, integrity, and authentication. One may think of it as a digital credentialing authority, that is, one that issues cryptographically binding proof of identity.

Unlike a driver’s license, which is only signed data, a digital certificate includes extensions indicating how the identity and key may be used, along with other verifiable information about the holder. This distinction matters: a digital certificate is a cryptographically binding proof of identity, not just a credential you flash at a checkpoint.

The Relationship Between PKI and Digital Certificates

Digital certificates (also commonly referred to as PKI certificates) are the electronic credentials that PKI issues and manages. They bind an identity to a cryptographic key pair, enabling secure authentication and encrypted communication. By far, the most common type of digital certificate is the X.509, which is used in a variety of protocols such as TLS, S/MIME, IPsec, Code Signing, etc.

A digital certificate has several essential qualities:

• Issued by a trusted third party (a Certificate Authority)

• Tamper-resistant: any modification invalidates the certificate

• Traceable: can be verified back to the issuing authority

• Time-limited: carries an expiration date

• Presented for validation: recipients check the certificate before trusting the connection

Certificates verify the owner of a private key and the authenticity of that relationship, giving communicating parties confidence that messages reach their intended recipients and have not been altered in transit.

The Critical Role of Machine Identities

Every person and machine in a modern IT environment needs a digital identity. A machine identity is a non-human digital identity (which is assigned to servers, containers, IoT devices, applications, workloads, etc.) that allows automated systems to authenticate and communicate securely.

The scale is striking: machine identities outnumber human identities by a ratio of roughly 80 to 1. Each of these identities is represented by a digital certificate containing the entity’s public key. They act as digital passports, granting access based on predefined permissions.

Unmanaged machine identities are a serious security risk. Without proper lifecycle management, expired or compromised certificates become backdoors for attackers. The limitations of shared keys and passwords compound this risk. They cannot scale to the volume of machine-to-machine communication in modern infrastructure, and a single compromised credential can expose broad swaths of the network.

The Building Blocks of Public Key Cryptography

Symmetric Cryptography: The Foundation

Symmetric cryptography uses the same key to encrypt and decrypt messages. Its origins stretch back thousands of years, from ancient substitution ciphers such as the Caesar cipher to mechanical rotor machines in the early twentieth century.

The core limitation of symmetric cryptography is key distribution. If the channel used to share the key is compromised, the entire system fails. And in modern networks with thousands of endpoints, securely distributing shared keys to every pair of communicating parties is impractical. The number of shared keys scale quadratically with the number of endpoints. Symmetric encryption alone cannot scale to meet the demands of today’s connected world.

Asymmetric Cryptography: The PKI Cornerstone

Asymmetric cryptography solves the key distribution problem by using two mathematically related but distinct keys: a private key (known only to the owner) and a public key (shareable with anyone).

Here is how it works in practice:

1. Encryption: Alice wants to send a private message to Bob. She encrypts it with Bob’s public key. Only Bob’s private key can decrypt it. Even Alice cannot read the ciphertext she just created.
2. Digital signatures: Bob signs a message with his private key. Alice verifies the signature using Bob’s public key, confirming both that Bob sent it and that the message was not modified in transit.

The most commonly deployed classical algorithms for generating key pairs include RSA, Diffie-Hellman, ECDH, and ECDSA (the latter two instantiated with different elliptic curves). Modern post-quantum cryptographic schemes are emerging alongside these: ML-KEM for key establishment, and ML-DSA, SLH-DSA, LMS, and XMSS for digital signatures. The security of these schemes relies on the hardness of solving certain mathematical problems.

How Symmetric and Asymmetric Encryption Work Together

Asymmetric encryption is significantly slower than symmetric encryption. In practice, the two are combined: the message payload is encrypted with a fast symmetric algorithm, and then the symmetric key itself is encrypted with the recipient’s public key. This delivers the security benefits of asymmetric cryptography without the performance penalty.

Modern systems powered by this model include:

• SSH for secure remote access

• TLS for web and API security

• S/MIME for encrypted email

• Code signing for software integrity

• Bitcoin and blockchain for decentralized trust

• Signal messenger for private communications

How PKI Works: Core Components and Processes

Certificate Authorities (CAs): The Trust Anchors

Certificate Authorities are the entities responsible for issuing, signing, revoking and (if supported) renewing digital certificates. They are also in charge of establishing the policies that govern vetting, issuance, and lifecycle management. CA operators determine the vetting methods, certificate types, parameters, and security procedures. These policies must be formally documented.

Certificate consumers then decide how much trust to place in certificates from any given CA. This is a critical point: trust in PKI is not automatic. It is a deliberate decision based on the CA’s documented practices and reputation.

Because CAs themselves hold certificates, a hierarchical trust structure naturally emerges.

The Certificate Creation Process

The certificate creation workflow follows a well-defined sequence:

1. A subscriber generates a public/private key pair.
2. The public key and identifying attributes are encoded into a Certificate Signing Request (CSR). The subscriber signs the CSR to prove possession of the private key.
3. The issuing CA vets the subscriber’s identifying attributes, validates the CSR, builds the certificate, signs it with the CA’s own private key, and returns the issued certificate to the subscriber.

Anyone can verify a certificate was issued by a specific CA by checking the CA’s digital signature. Trusting the CA means trusting that communications with the certificate holder are secure and authentic.

CA Hierarchies and Root CAs

CAs issue certificates for other CAs, creating layers of trust through hierarchical structures. At the top of every hierarchy sits a root CA, whose certificate is typically self-signed, that is, the issuer and subject are the same entity. Emerging standards also allow for unsigned root certificates in certain contexts.

Trusting a root CA means trusting every certificate that traces back to it. This makes root CA security paramount:

• Root CAs should remain offline whenever they are not needed. They come online only for key creation, to issue certificates and certificate revocation lists, or for integrity verification and compliance audits.

• Private keys are stored in GSA-grade storage facilities with 24/7 physical security, cameras, and guards.

• Root certificates cannot be revoked. If a root CA is compromised, the breach must be made public and the root certificate manually removed from trust stores, similar to what happened after the DigiNotar incident in 2011.

• Root certificates typically last up to 15 years, compared to approximately five years for subordinate CA certificates.

Determining Optimal CA Hierarchy Tiers

A two-tier hierarchy is the standard recommendation: Root CA → Subordinate CAs → End-Entity Certificates.

Two tiers are necessary because root CAs must stay offline, while subordinate CAs need to be online to issue certificates regularly. Subordinate CAs carry higher security risk than root CAs, but if one of them is compromised, its certificate can get revoked by the parent CA, thus withdrawing the trust on the compromised CA which can eventually be replaced with a new CA.

Additional tiers increase complexity in policies and procedures without proportional security gains, reducing usability and scalability.

Certificate Revocation Lists (CRLs)

Certificates can be revoked for several reasons, including private key compromise, cessation of operations, or policy violations. When a certificate needs to be revoked, the issuing CA publishes a Certificate Revocation List (CRL). CRLs are signed lists of certificates that should no longer be trusted.

In theory, relying parties should check CRLs whenever a CRL Distribution Point is provided. In practice, some systems (most notoriously, browsers) perform this check partially or skip it altogether to avoid authentication delays.

The CRLs themselves carry a critical risk: if a CRL expires and cannot be refreshed, applications that enforce CRL validity may reject certificates issued by that CA. An expired CRL can cause widespread authentication failures in an environment that enforces CRL checking. PKI administrators and operational monitoring systems ensure that the CRLs of subordinate CA remain valid, that is, that they are generated and published before they expire.

Trusted Root Certificates in Devices and Operating Systems

Every device and operating system (e.g, phones, laptops, servers) ships with a pre-set trusted root store. Certificates that trace back to a root in the trusted store are automatically accepted by the device. You can view the list of trusted root CAs right in your computer.

Machine owners can configure rules to trust additional certificates or remove trust from pre-set ones, giving organizations control over which CAs their infrastructure recognizes.

Why PKI Is Critical in Today’s Digital Age

The Explosion of Connected Devices and Applications

Millions of applications and connected devices now require certification. Proper authentication and certificate management are essential to securing a highly connected world. PKI is the invisible infrastructure enabling secure digital transactions, communications, and access control at scale.

The Evolution of PKI: Three Waves of Adoption

The First Wave: Beginnings of PKI (1995–2002)

The earliest PKI deployments focused on issuing certificates to eCommerce websites, enabling the lock icon that assured consumers their connection was secure. Certificates were expensive (often thousands of dollars), purchased from public vendors who monitored expiration dates and alerted recipients.

Large organizations attempted enterprise PKI rollouts, but these projects typically spanned two years and cost millions of dollars, often resulting in only a handful of certificates being issued. Management was relatively simple because certificate volumes were small.

The Second Wave: Enterprise PKI Emerges (2003–2010)

The rise of the mobile workforce changed everything. Employees received laptops and needed remote access through VPNs, making device authentication critical. Organizations deployed PKI certificates as digital corporate ID badges, verifying that connecting devices were employee-owned and carried required security software.

TLS certificates appeared on internal web servers to prevent plaintext passwords from traversing networks. New challenges emerged: designing robust, secure PKIs, tracking certificates to prevent expirations, and recovering from compromises. Most organizations introduced in-house PKI management programs led by employees with specialized expertise. This approach was functional but often difficult to sustain and scale, particularly with PKI that does not support protocols to enable lifecycle management such as ACME, CMP, EST and SCEP.

The Third Wave: New Uses and Growing Pains (2011–Today)

Today’s PKI landscape includes millions of certificates for multi-device workforces, embedded cloud system certificates, and IoT device certificates. IoT devices require secure authentication and firmware update capabilities, adding massive certificate volumes to already strained systems.

The management challenges are significant: distributing certificates to the right endpoints, ensuring proper vetting and mapping, and monitoring issued certificates across sprawling infrastructure. The large majority of organizations would rebuild their PKI if they could.

This has driven a shift toward third-party managed service providers and specialized certificate management tools. Similar to the move to cloud computing, organizations are refocusing employee expertise on core business activities rather than infrastructure management. Managed PKI providers offer access to specialized teams, protect against turnover of internal PKI experts, and deliver best-practice programs at scale.

PKI Is Everywhere: Common Use Cases and Applications

Foundational PKI Applications

PKI underpins a wide range of everyday security functions:

• TLS certificates securing web browsing and communications (the familiar padlock symbol)

• Digital signatures on software verifying authenticity and integrity

• Certificate-based access to enterprise intranets and VPNs

• Password-free WiFi access based on device ownership and certificate validation

• Email and data encryption using S/MIME and similar protocols

PKI in Email, Messaging, and Websites

When you send an encrypted email or visit a secure website, PKI is verifying that the communicating parties are who they claim to be and encrypting the communication behind the scenes. This verification-and-encryption cycle happens transparently, making PKI one of the most widely used but least visible security technologies.

PKI for Internet of Things (IoT) Devices

IoT spans smart home products, medical devices, industrial equipment, and connected vehicles. PKI secures communication between these devices and central systems, preventing unauthorized access and ensuring data integrity.

The Home Depot data breach illustrates the risk: hackers accessed the retailer’s point-of-sale system by getting onto the network posing as an unauthenticated HVAC unit. Proper PKI implementation (i.e. issuing certificates to every connected device) would have prevented this incident.

PKI for Remote Work

PKI enables secure authentication for laptops, tablets, and other devices used outside the traditional office. Combined with user credentials, PKI ensures that only approved users and devices interact with company resources, whether connecting internally or remotely.

PKI for Containerized Environments and Service Meshes

Modern containerized environments heavily rely on PKI to provide workloads with cryptographic identity and establish secure service-to-service communications. Some service meshes automatically provision and rotate short-lived digital certificates, enabling mutual authentication and encryption between workloads.

Industry-Specific PKI Use Cases

Automotive Manufacturers

Modern vehicles include built-in GPS, call-for-help services (such as OnStar), and self-monitoring components. Each connectivity feature creates a potential attack surface. If any of these connections are insecure, attackers could access sensitive data or send malware to vehicles. Every connected component requires a digital certificate to ensure security.

Medical Device Manufacturers

Connected medical devices (such as surgical robots, next-generation pacemakers, and monitoring equipment) require heightened security. The FDA mandates that software in medical devices must be updateable for bug fixes and security patches. While this improves device capability, it also creates additional connection points. PKI limits these vulnerabilities by issuing certificates to devices and their communication partners, ensuring data and updates come only from intended sources.

The Challenges of Managing PKI at Scale

One Certificate Can Cause an Outage

PKI is the backbone of secure communication and access control across a wide range of applications. Missing a single certificate renewal can disrupt critical operations, lock out employees, and frustrate customers.

“Shadow IT” compounds the problem. These are unauthorized applications or ad hoc certificates created by employees lurk in infrastructure and can expire unexpectedly, causing disruptions at the worst possible moment.

Manual Certificate Management Is Costly and Risky

Manually managing hundreds or thousands of certificates (each with its own expiration date and access permissions) is a significant operational burden. The certificates you do not know about pose a greater risk than the ones you do.

The impact is significant. It often takes 10 or more members of staff (not only those involved in PKI) and several hours to identify and remediate a single PKI outage.

PKI Management Taxes Overworked Teams

Few organizations have dedicated PKI teams. The responsibility typically falls to overworked security, IT, or infrastructure teams who lack specialized PKI knowledge. This diverts attention from strategic initiatives and accelerates burnout in an already strained environment.

PKI-as-a-Service (PKIaaS) is a solution that addresses this by providing a platform that handles day-to-day certificate issuance, renewal, and revocation, thus freeing internal teams to focus on core competencies.

Best Practices Are Always Changing

PKI implementation offers technical flexibility (such as choice of algorithms, validity periods, and CAs) but straying from best practices triggers browser warnings and compliance failures. Regulations such as NIS2 and DORA in the EU, and SOC-2 in the United States, have specific PKI requirements, and failed audits result in fines and reputational damage.

The standards landscape is also in motion: certificate lifecycles are shortening, key lengths are increasing, and cryptographic algorithms are evolving. The potential threat of quantum computing is accelerating the development of post-quantum cryptography (PQC) algorithms to eventually replace current standards. Organizations that build flexibility into their PKI today will be better positioned for these transitions.

Gaining Visibility and Achieving PKI Mastery

The first step toward effective PKI management is gaining complete visibility into your certificate landscape, discovering all certificates across devices, applications, and systems.

Effective PKI management tools conduct proactive discovery and compile certificates into a unified hub. From there, automation handles certificate lifecycles (issuance, renewal, revocation) and enforces stricter certificate policies. PKI expertise does not have to be built in-house; partnering with PKIaaS providers is an option that offers streamlined infrastructure, customized strategies, and a solid PKI foundation.

Keyfactor’s Role in Modern PKI and Certificate Management

Comprehensive PKI Platform

Keyfactor is a global leader in digital trust and quantum-safe security, specializing in PKI and certificate management solutions. The platform issues, manages, renews, and revokes digital certificates for users, devices, applications, and machine identities. With Keyfactor, enterprises get access to PKI experts and the #1 ranked product on the market.

EJBCA, Keyfactor’s PKI platform, provides the core trust infrastructure: root and subordinate CAs, enrollment workflows, certificate validation services, and support for protocols including ACME, EST, SCEP, and CMP. Combined with certificate lifecycle automation and cryptographic discovery and inventory capabilities, Keyfactor delivers an end-to-end solution for organizations of any scale.

Addressing the Visibility and Scale Challenge

Keyfactor’s cryptographic discovery and inventory tools automate the discovery of every cryptographic asset in an organization’s environment. The unified hub approach brings visibility to certificates scattered across devices, applications, and systems, enabling proactive management that prevents outages caused by expired or compromised certificates.

Reducing Team Burden with PKI-as-a-Service

Keyfactor’s PKIaaS offering provides access to a team of PKI experts who handle day-to-day certificate issuance, renewal, and revocation. This frees internal security, IT, and infrastructure teams to focus on core competencies and strategic initiatives. It also protects against PKI expert turnover and enables organizations to scale PKI operations without expanding headcount.

Ensuring Compliance and Best Practices

Keyfactor’s EJBCA helps organizations stay current with evolving best practices, including shorter certificate lifecycles and stronger key lengths. The platform supports compliance with regulations such as NIS2, DORA, and SOC-2 through documented policies and audit-ready reporting, and plays an active role in preparing organizations for the migration to post-quantum cryptography.

Enabling Crypto-Agility and Quantum Readiness

Crypto-agility is the ability to quickly adapt to new cryptographic algorithms and standards. It is essential for long-term PKI resilience. Keyfactor’s platform supports algorithm transitions, including the shift to PQC algorithms, positioning organizations to respond to emerging threats without rebuilding their infrastructure from scratch.

Trusted by Major Enterprises Across Industries

Keyfactor solutions are trusted by major enterprises in financial services, healthcare, automotive, telecom, and industrial IoT. The platform supports a broad range of use cases (such as securing devices, workloads, AI agents, and connected systems) with the visibility, control, and automation needed to manage cryptographic assets at scale.

Got PKI questions?
We’ve got answers.