Skip to content
Vol. 1 · Ed. 2026
CyberGlossary
English
Entry № 985

Public Key Infrastructure (PKI)

Reviewed byCybersecurity entrepreneur & security researcher

What is Public Key Infrastructure (PKI)?

Public Key Infrastructure (PKI)The combined system of policies, software, hardware and trusted authorities used to issue, distribute, validate and revoke digital certificates that bind identities to public keys.

A PKI implements public-key cryptography at scale. It typically includes a root certificate authority (CA), one or more intermediate CAs, registration authorities, certificate repositories, hardware security modules for key protection, and revocation infrastructure (CRL and OCSP). Subscribers generate keys, prove identity through a certificate signing request, and receive X.509 certificates that relying parties can validate by walking up the chain to a trusted root. PKI underpins TLS/HTTPS, S/MIME email, code signing, document signing, mTLS for services, smart cards and many other use cases. Strong PKI requires careful key-ceremony procedures, lifecycle automation, monitoring of Certificate Transparency logs, and clear policies (CP/CPS).

Examples

  1. 01

    An enterprise PKI that issues smart-card login certificates to all employees from an offline root.

  2. 02

    Let's Encrypt, a public PKI that automates issuance of TLS certificates via the ACME protocol.

Frequently asked questions

What is Public Key Infrastructure (PKI)?

The combined system of policies, software, hardware and trusted authorities used to issue, distribute, validate and revoke digital certificates that bind identities to public keys. It belongs to the Network Security category of cybersecurity.

What does Public Key Infrastructure (PKI) mean?

The combined system of policies, software, hardware and trusted authorities used to issue, distribute, validate and revoke digital certificates that bind identities to public keys.

How do you defend against Public Key Infrastructure (PKI)?

Defences for Public Key Infrastructure (PKI) typically combine technical controls and operational practices, as detailed in the full definition above.

What are other names for Public Key Infrastructure (PKI)?

Common alternative names include: PKI.

Related terms

See also