Public Key Infrastructure (PKI)

A public-key infrastructure (PKI) is a set of roles, policies, hardware, software and procedures needed to create, manage, distribute, use, store and revoke digital certificates and manage public-key encryption. The algorithms are based on public-key cryptography. The format of the digital certificate is defined in the X.509 standard. Certificate Authority – CA digitally signs and publishes …

Cryptography Basics 1 of 2

I have been dabbling with OpenSSL commands to achieve what I needed during IT implementation, but I decided to spend some time to overcome the conceptual hurdles around cryptography. In this domain, following other people’s instructions through the project does not produce much learning value when too many concepts cloud around. Let’s take the bull …

SSH key pair for access between instances in CloudFormation

Update 2023: the practice outlined in this post has become outdated. This post is for archive only. We use CloudFormation to deploy infrastructure including private and public subnets, as well as EC2 instances. It is a good practice to place as many instances as possible in a private subnet and access those only from Bastion Host …