Cloud PKI refers to a Public Key Infrastructure (PKI) solution that is hosted and managed in the cloud: digital certificates are issued and managed through cloud-based services instead of on-premises infrastructure. A key function is a SCEP service that acts as a Certificate Registration Authority.
Key Aspects of Cloud PKI
Here are some key aspects to understand about Cloud PKI:
- Cloud-Based Infrastructure: Cloud PKI leverages cloud computing resources (servers, storage, etc.) to provide PKI services.
- Certificate Management: It handles the creation, issuance, renewal, and revocation of digital certificates.
- Scalability and Flexibility: Cloud PKI offers scalability to meet changing demands and flexibility to integrate with various applications and services.
- Managed Services: Many Cloud PKI solutions are offered as managed services, where the provider handles the operational aspects of the PKI.
How Cloud PKI Works with SCEP and Intune
One specific application mentioned is the use of Cloud PKI with the Simple Certificate Enrollment Protocol (SCEP) and Microsoft Intune:
- SCEP Service: The Cloud PKI provides a SCEP service that acts as a Certificate Registration Authority.
- Certificate Request: The SCEP service requests certificates from the Issuing Certificate Authority (CA) on behalf of Intune-managed devices.
- Intune Integration: Intune-managed devices receive certificate and SCEP profiles.
- Certificate Delivery: A device checks in with Intune and receives the trusted certificate and the associated SCEP profiles.
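Before a device sends its certificate request to the SCEP service, it asks the Registration Authority what it supports (the SCEP GetCACaps operation) and picks its algorithms from that answer. The following is an added example, not code from the original article or from Intune/Cloud PKI: it builds the SCEP request URL and evaluates a GetCACaps response, flagging an RA that only offers the legacy SHA-1/DES algorithms. The base URL and the two response bodies are constructed placeholders, so it runs offline.

```python
"""Added example (not from the original article): SCEP capability check of the
kind a device or an auditor runs against the Cloud PKI SCEP service before
sending a PKIOperation request. Constructed responses stand in for HTTP."""
from typing import Optional
from urllib.parse import urlencode

# Capability keywords defined by RFC 8894 (SCEP). "SCEPStandard" is shorthand
# for AES + POSTPKIOperation + SHA-256; SHA-1 and DES3 are the legacy fallbacks.
PREFERRED_HASH = ("SHA-512", "SHA-256")
PREFERRED_CIPHER = ("AES",)

# Constructed sample GetCACaps bodies: one keyword per line, as an RA returns them.
STRONG_CAPS_BODY = "AES\r\nPOSTPKIOperation\r\nSHA-256\r\nSHA-512\r\nRenewal\r\nGetNextCACert\r\n"
LEGACY_CAPS_BODY = "SHA-1\r\nDES3\r\nGetNextCACert\r\n"


def scep_url(base: str, operation: str, message: Optional[str] = None) -> str:
    """Build the SCEP GET URL: <base>?operation=<op>[&message=<msg>]."""
    params = {"operation": operation}
    if message is not None:
        params["message"] = message
    return f"{base}?{urlencode(params)}"


def parse_ca_caps(body: str) -> set:
    """GetCACaps body: one keyword per line; blank lines dropped, unknown keywords kept."""
    return {line.strip() for line in body.splitlines() if line.strip()}


def assess_ca_caps(caps: set) -> dict:
    """Choose the strongest advertised algorithms; flag an RA that only offers legacy ones."""
    if "SCEPStandard" in caps:
        caps = caps | {"AES", "POSTPKIOperation", "SHA-256"}
    hash_alg = next((h for h in PREFERRED_HASH if h in caps), None)
    cipher = next((c for c in PREFERRED_CIPHER if c in caps), None)
    findings = []
    if hash_alg is None:
        findings.append("no SHA-2 hash advertised: request signing would fall back to SHA-1")
    if cipher is None:
        findings.append("AES not advertised: request envelope would fall back to DES/3DES")
    if "POSTPKIOperation" not in caps:
        findings.append("POSTPKIOperation missing: PKIOperation must go base64-encoded in a GET URL")
    return {"acceptable": hash_alg is not None and cipher is not None,
            "hash": hash_alg, "cipher": cipher, "findings": findings}


if __name__ == "__main__":
    # Placeholder SCEP endpoint; a real Intune SCEP profile carries the actual URL.
    print(scep_url("https://scep.example.invalid/scep", "GetCACaps"))
    for body in (STRONG_CAPS_BODY, LEGACY_CAPS_BODY):
        print(assess_ca_caps(parse_ca_caps(body)))
```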
Benefits of Cloud PKI
Here are some benefits of using Cloud PKI:
- Reduced Costs: Eliminates the need for expensive on-premises hardware and infrastructure.
- Simplified Management: Offloads the operational burden of managing a PKI to the cloud provider.
- Improved Scalability: Easily scales to meet changing certificate requirements.
- Enhanced Security: Leverages the security infrastructure of the cloud provider.
Example Use Case
Imagine a company needs to issue digital certificates to all its mobile devices for secure email and network access. Using a Cloud PKI solution, the company can:
- Integrate the Cloud PKI with its Mobile Device Management (MDM) solution, such as Intune.
- Configure SCEP profiles in the MDM.
- Automatically issue certificates to all enrolled devices without manual intervention.