PKI & Certificates

Track

PKI & Certificates

Status

ACTIVE

Progress

Production Experience

Interest Link

IT > InfoSec > PKI

Curriculum

Core Modules

Module	Topics	Status
X.509 Fundamentals	Certificate structure, extensions, chains	Done
OpenSSL Operations	CSR generation, signing, verification	Done
Vault PKI	Root CA, Intermediate CA, roles	Done
802.1X EAP-TLS	Client certs, supplicant config	Done
SCEP/EST	Automated enrollment protocols	Planning

Module

Topics

Status

X.509 Fundamentals

Certificate structure, extensions, chains

Done

OpenSSL Operations

CSR generation, signing, verification

Done

Vault PKI

Root CA, Intermediate CA, roles

Done

802.1X EAP-TLS

Client certs, supplicant config

Done

SCEP/EST

Automated enrollment protocols

Planning

Key Commands

# Verify certificate chain
openssl verify -CAfile chain.pem cert.pem

# Check certificate details
openssl x509 -in cert.pem -text -noout

# Generate CSR
openssl req -new -key key.pem -out csr.pem \
  -subj "/CN=host.inside.domusdigitalis.dev"