Public Key Infrastructure (PKI)

A public-key infrastructure (PKI) is a set of roles, policies, hardware, software and procedures needed to create, manage, distribute, use, store and revoke digital certificates and manage public-key encryption. The algorithms are based on Publick-key cryptography. The format of the digital certificate is defined in X.509 standard.  Certificate Authority – CA digitally signs and publishes … Read morePublic Key Infrastructure (PKI)

Cryptography Basics 1 of 2

I have been dabbling with OpenSSL commands to achieve what I needed during IT implementation, but I decided to spent some time to overcome the conceptual hurdles around cryptography. In this domain, following other people’s instructions through the project does not produce much learning value when too many concepts cloud around. Let’s take the bull … Read moreCryptography Basics 1 of 2

SSH key pair for access between instances in CloudFormation

We use CloudFormation to deploy infrastructure including private and public subnets, as well as EC2 instances. It is a good practice to place as many instances as possible in private subnet and access those only from Bastion Host in the public subnet. For smaller systems it is even common to use the NAT instance as … Read moreSSH key pair for access between instances in CloudFormation