PKI and digital certificates

Using a public key infrastructure (PKI), certificate authority (CA) and digital certificates is a key way to develop a secure network infrastructure for user access, keep data secure and eliminate hacker threats. Get expert advice and tools to implement PKI in your organization.

New & Notable

Download this free guide

Download: Your Complete Guide to IAM

Utilize this 66-page IAM guide to help you stay on top of the latest best practices and techniques. Security expert Michael Cobb explores the risks and rewards of biometrics measures and multifactor authentication, how organizations can assess if it is time to modernize IAM strategies, and much more.

Corporate E-mail Address:
You forgot to provide an Email Address.
This email address doesn’t appear to be valid.
This email address is already registered. Please login.
You have exceeded the maximum character limit.
Please provide a Corporate E-mail Address.
- I agree to TechTarget’s Terms of Use, Privacy Policy, and the transfer of my information to the United States for processing to provide me with relevant information as described in our Privacy Policy.
Please check the box if you want to proceed.
- I agree to my information being processed by TechTarget and its Partners to contact me via phone, email, or other means regarding information relevant to my professional interests. I may unsubscribe at any time.
Please check the box if you want to proceed.

PKI and digital certificates News

January 22, 2020 22 Jan'20
Netgear under fire after TLS certificates found in firmware -- again

Security researchers revealed Netgear firmware exposed TLS certificate keys, but SearchSecurity discovered it wasn't the first time the issue had been reported to the vendor.
September 17, 2019 17 Sep'19
Researcher finds digital certificate fraud used to spread malware

A new certificate fraud scheme involves a threat actor impersonating company execs to purchase certs which are then resold to those looking to spread malware.
March 22, 2019 22 Mar'19
Study reveals sale of SSL/TLS certificates on dark web

Security researchers discovered the availability of SSL/TLS certificates for sale on the dark web, which allow cybercriminals to disguise their malicious activity as legitimate.
March 11, 2019 11 Mar'19
Zscaler charts sharp increase in SSL threats like phishing, botnets

Threat actors are exploiting encryption protocols to deliver malicious content, according to Zscaler, which found a 400% increase in SSL-based phishing threats last year.

PKI and digital certificates Get Started

Bring yourself up to speed with our introductory content

digital signature

A digital signature is a mathematical technique used to validate the authenticity and integrity of a message, software or digital document. Continue Reading
private key

A private key, also known as a secret key, is a variable in cryptography that is used with an algorithm to encrypt and decrypt code. Continue Reading
PKI (public key infrastructure)

A public key infrastructure (PKI) supports the distribution and identification of public encryption keys, enabling users and computers to both securely exchange data over networks such as the Internet and verify the identity of the other party. Continue Reading

Evaluate PKI and digital certificates Vendors & Products

Weigh the pros and cons of technologies, products and projects you are considering.

Can PDF digital signatures be trusted?

Digital signatures on PDF documents don't necessarily guarantee their contents are valid, as new research shows viewer implementations don't always detect incomplete signatures. Continue Reading
IoT identity management eyes PKI as de facto credential

Public key infrastructure is emerging as the essential technology for identity management in IoT, as customers seek out a trifecta of data integrity, authentication and encryption. Continue Reading
Public key pinning: Why is Google switching to a new approach?

After introducing HTTP Public Key Pinning to the internet two years ago, the upcoming Chrome will replace it with the Expect-CT header. Matt Pascucci explains the switch. Continue Reading

Manage PKI and digital certificates

Learn to apply best practices and optimize your operations.

Will DNS Flag Day affect you? Infoblox's Cricket Liu explains

What is DNS Flag Day? That's when old and broken DNS servers will stop working, improving DNS performance and safety for all. Infoblox's chief DNS architect Cricket Liu explains. Continue Reading
Updating TLS? Use cryptographic entropy for more secure keys

Cryptographic entropy is necessary to secure session encryption keys in TLS 1.2, but RSA key transport is not supported in TLS 1.3. Discover the causes for concern with Judith Myerson. Continue Reading
How Windows 10 certificates create a chain of trust

Certificates in Windows 10 create a chain of trust that confirms the identity of the user accessing corporate resources and ensures that she is doing so over a trusted connection. Continue Reading

Problem Solve PKI and digital certificates Issues

We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.

How concerned should I be about a padding oracle attack?

Padding oracle attacks have long been well-known and well-understood. Find out how they work and why using modern encryption protocols can reduce the risks. Continue Reading
What are the steps for an Exchange certificate renewal?

An expired Exchange 2010 certificate is one of those issues that catches everyone's attention. Check and replace certificates with these basic commands. Continue Reading
PGP keys: Can accidental exposures be mitigated?

The accidental publication of an Adobe private key could have put the company in jeopardy. Matt Pascucci explains how it happened and how to better protect PGP keys. Continue Reading