Cryptography: Learn Public Key Infrastructure from Scratch
Offered By: Packt via Coursera
Course Description
Overview
Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
This video course explains how Secure Sockets Layer (SSL) works on websites and the importance of digital certificates in securing communication between clients and web servers. You'll learn to deploy and manage a two-tier PKI on Windows Servers, supporting applications requiring certificate-based security.
Starting with an introduction to PKI and digital certificates, the course covers cryptographic methods used for online data security. You'll explore certification authorities (CA), certificate requests, and services, and configure Network Device Enrollment Service (NDES), Certificate Enrollment Service (CES), and Certificate Enrollment Policy (CEP). A bonus topic includes migrating hashing algorithms from SHA1 to SHA2 on Windows Server 2016.
By the end, you'll be proficient in deploying and configuring PKI on Windows Servers. Key learnings include
- Managing a two-tier PKI on Windows Server 2012 R2
- Understanding encryption and decryption
- Using SSL certificates for website security
- Configuring CDP/CIA extensions and OCSP servers
This course is ideal for candidates with basic knowledge of Windows Servers and networking, IT professionals wanting to learn about Active Directory Certificate Services (ADCS) on Windows infrastructure, and those in cybersecurity or identity and access management.
Syllabus
- Introduction
- In this module, we will provide an overview of the course, outlining the main objectives and the topics that will be explored in the subsequent modules. You will also get a brief on what to expect in terms of learning outcomes and assessments.
- Overview of Public Key Infrastructure
- In this module, we will delve into the fundamentals of Public Key Infrastructure (PKI), starting with its definition and significance. We will explore the diverse uses of PKI, identify the key components that make up a PKI solution, and understand the role and workings of digital certificates in maintaining secure communications.
- Overview of Cryptography
- In this module, we will explore the foundational aspects of cryptography, beginning with a broad overview of its principles. We will compare symmetric and asymmetric encryption techniques, delve into the concept of digital signing, and examine different encryption algorithms. Additionally, we will cover hashing algorithms and their role in ensuring data integrity.
- Certification Authority or CA
- In this module, we will cover the essential aspects of Certification Authorities (CAs), starting with an overview of their roles. We'll differentiate between public and private CAs, explore the structure of root and subordinate CAs, and compare stand-alone vs. enterprise CAs. Furthermore, we will discuss the considerations for setting up a CA hierarchy and provide practical, hands-on guidance for installing a standalone root CA and an enterprise subordinate CA.
- Certificate Request or Enrollment Methods
- In this section, we will explore the different methods for requesting and enrolling certificates. You will learn about certificate templates and the various types of certificate enrollment. The section includes hands-on activities such as requesting certificates through web enrollment, MMC, auto-enrollment, and offline using CSR. Additionally, we will secure a website using a certificate and encrypt and decrypt files with certificates.
- Configuring CA Properties
- In this section, we will delve into configuring various properties of a Certificate Authority (CA). You will learn how to manage CA administration and security settings, set up CA policy and exit modules, and understand the roles of Certificate Revocation Lists (CRLs), Authority Information Access (AIA), and CDP extensions. Finally, we will guide you through configuring AIA and CDP extensions to ensure proper certificate management and accessibility.
- New Roles in Certificate Services
- In this section, we will explore the new roles in Certificate Services and their importance. You will learn about the Network Device Enrollment Service (NDES) and its configuration in two parts. Additionally, we will cover the concepts and setup of Enrollment Agents, including Certificate Enrollment Policy (CEP) and Certificate Enrollment Services (CES). Finally, the section includes configuring an Online Responder (OCSP) to enhance certificate validation processes.
- Migrating Hashing Algorithm from SHA1 to SHA2 on Windows Server 2016 CA
- In this section, we will guide you through the process of migrating the hashing algorithm from SHA1 to SHA2 on Windows Server 2016 Certificate Authority (CA). You will learn how to install and configure both Root and Subordinate CAs. We'll cover the essential planning steps needed before initiating the migration to minimize potential issues. Finally, you will perform the migration on both the Root CA and the Subordinate CA, ensuring a secure and updated cryptographic environment. You will also learn how to validate the successful migration and troubleshoot any challenges that may arise.
Taught by
Packt - Course Instructors
Related Courses
Cifrado con Python: Cifrar Datos con Pares de ClavesCoursera Project Network via Coursera Introduction to Encryption and Cryptography
Raspberry Pi Foundation via edX Cryptography and Digital Certificates
Coventry University via FutureLearn Cryptography and Digital Certificates
Coventry University via FutureLearn Cryptography
(ISC)² via Coursera