logo
Blue team
PKI: The beautiful mess of digital trust (and why nothing works properly)
  • Red team
  • Green team
  • Purple team
  • Indigo team
  • Broomstick Brief
  • Ty Myrddin
Initializing search
      • Blue team @SOC
      • Blue team for dev
      • Blue team @Home
      • Bulletproofing servers
        • The wake-up call
        • Hardening Linux server
          • User account sanity checks
          • Remove unnecessary services
          • Preventing unauthorised access while respecting privacy
          • The CIA triad framework for security
          • Title
          • Taming permissions, xattrs & the dangers of SUID/SGID
          • PKI: The beautiful mess of digital trust (and why nothing works properly)
            • Certificates, chaos, and why your IoT toaster shouldn’t have HTTPS
            • Internal PKI
            • Pluggable Authentication Modules (PAM)
            • Let’s Encrypt
            • TLS/SSL
          • PKI: The beautiful mess of digital trust (and why nothing works properly)
            • Certificates, chaos, and why your IoT toaster shouldn’t have HTTPS
            • Internal PKI
            • Pluggable Authentication Modules (PAM)
            • Let’s Encrypt
            • TLS/SSL
          • From basic monitoring to intrusion detection
          • Continuous host monitoring and threat detection
          • Incident response plan
          • Troubleshooting
        • Hardening webserver
        • Smarter mail servers
      • Honeytech for humans

    PKI: The beautiful mess of digital trust (and why nothing works properly)¶

    Let’s talk about Public Key Infrastructure (PKI)—the system that should make secure communication effortless but instead feels like a Rube Goldberg machine held together by duct tape and expired certificates.

    PKI is a necessary disaster

    • Certificates, chaos, and why your IoT toaster shouldn’t have HTTPS
    • Internal PKI
    • Pluggable Authentication Modules (PAM)
    • Let’s Encrypt
    • TLS/SSL
    Last update: 2025-05-19 17:28
    Back to top
    Previous Mandatory access control (MAC)
    Next Certificates, chaos, and why your IoT toaster shouldn’t have HTTPS
    © Copyright 2025, TyMyrddin.
    Created using Sphinx 7.2.6. and Sphinx-Immaterial

    Made with love in the Unseen University, 2025, with a forest garden fostered by /ut7