Public Key Infrastructure
218/258
16 Public Key Infrastructure
This chapter explains, how a Public Key Infrastructure (PKI) for storing and
administration of certificates and (private) keys can be established with the
Edge gateway in order to provide protected data communication. First, the
method of asymmetric encryption providing the logical foundation of the PKI
is described, and the single members of the PKI are introduced. Then,
certificates and keys are explained in more detail. Finally, all actions
concerning PKI which are executable within the Control Panel of the Edge
Gateway are explained within a step-by-step description.
Public Key Infrastructure (PKI) means a system to protect data
communication based on asymmetric encryption that maintains digital
certificates by creation, distribution, and checking. The Edge Gateway
stores and prüft digital certificates and can be integrated into a Public Key
Infrastructure.
16.1 Asymmetric encryption
Asymmetric encryption uses a pair of keys consisting of a public key and a
private key.
The private key is used to
·
create signatures and
·
decrypt messages.
Der public key is used to
·
verify signatures and
·
encrypt messages.
A server provides the public key within a certificate. Beside the public key,
a certificate includes even a signature and many more information. With a
certificate, a client can identify a server and can encrypt messages (data)
using the public key and send it to the server. The client does an
authenticity check of the certificate of the server using one or more
trustworthy root certificates which the client has stored in local directory of
trustworthy certificates.
Edge Gateway | NIOT-E-TPI51-EN-RE (Connect)
DOC170502UM04EN | Revision 4 | English | 2018-08 | Released | Public
© Hilscher 2017 – 2018