logo
Defence blues
PKI: The beautiful mess of digital trust (and why nothing works properly)
  • Red wilds
  • Privacy greenhouse
  • Purple crossroads
  • Indigo observatory
  • Contact
Initializing search
      • Golem Trust Computing Ltd.
      • Blue team @SOC
      • Blue team for dev
      • Blue team @Home
      • Bulletproofing servers
        • The wake-up call
        • Hardening Linux server
          • User account sanity checks
          • Remove unnecessary services
          • Preventing unauthorised access while respecting privacy
          • The CIA triad framework for security
          • Virtual network computing
          • Taming permissions, xattrs & the dangers of SUID/SGID
          • PKI: The beautiful mess of digital trust (and why nothing works properly)
            • Certificates, chaos, and why your IoT toaster shouldn’t have HTTPS
            • Internal PKI
            • Pluggable Authentication Modules (PAM)
            • Let’s Encrypt
            • TLS/SSL
          • PKI: The beautiful mess of digital trust (and why nothing works properly)
            • Certificates, chaos, and why your IoT toaster shouldn’t have HTTPS
            • Internal PKI
            • Pluggable Authentication Modules (PAM)
            • Let’s Encrypt
            • TLS/SSL
          • From basic monitoring to intrusion detection
          • Continuous host monitoring and threat detection
          • Incident response plan
          • Troubleshooting
        • Hardening webserver
        • Smarter mail servers
      • Honeytech for humans
      • Stormforge

    PKI: The beautiful mess of digital trust (and why nothing works properly)¶

    Let’s talk about Public Key Infrastructure (PKI), the system that should make secure communication effortless but instead feels like a Rube Goldberg machine held together by duct tape and expired certificates.

    PKI is a necessary disaster

    • Certificates, chaos, and why your IoT toaster shouldn’t have HTTPS
    • Internal PKI
    • Pluggable Authentication Modules (PAM)
    • Let’s Encrypt
    • TLS/SSL
    2025-12-06 22:37
    © Copyright 2025, TyMyrddin.
    Created using Sphinx 7.2.6. and Sphinx-Immaterial

    Made with love in the Unseen University, 2025, with a forest garden fostered by /ut7