HACKER Q&A
📣 lifeisstillgood

Reading around PKI, client certificates, vaults etc.


I am trying to refresh and write up my understanding of security and authentication.

I am hoping to keep it based around private/public keys and certificates, so having a CA we trust, having each server hold a certificate, having each client / web browser hold a certificate.

I am sure there was a simple approach, but I seem to have gotten lost in Okta, OAuth, AWS and so on.

I am no longer sure I get it and would value any pointers to reading folks may have.


  👤 ivanr Accepted Answer ✓
I am not sure this is a 100% match for what you're looking for, but my OpenSSL Cookbook (free) has a chapter where you go through all the necessary steps to generate a root CA, intermediates, server and client certificates. You'll learn a lot by going through this exercise while paying attention to the configuration files.

https://www.feistyduck.com/books/openssl-cookbook/
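The exercise the answer describes, as an added example that is not code from the cookbook or from either poster: a root CA signs an intermediate, the intermediate signs one server and one client certificate, and each leaf is verified against the chain for its role. It assumes the `openssl` CLI (1.1.1 or 3.x) and uses made-up names (Example Root CA, www.example.test, alice).

```shell
#!/bin/sh
# Added example (not from the linked book): minimal two-tier PKI with the
# openssl CLI. Names are made up; all files are written to directory $1.
set -eu

# Create an RSA key pair and a CSR.  $1=dir $2=name $3=subject CN
make_csr() {
  openssl req -new -newkey rsa:2048 -nodes -keyout "$1/$2.key" \
    -out "$1/$2.csr" -subj "/CN=$3" 2>/dev/null
}

# Sign a CSR, taking extensions only from the extra arguments (x509 -req
# ignores CSR extensions). $1=dir $2=name $3=ca name or "self" $4..=ext lines
issue() {
  d=$1; n=$2; ca=$3; shift 3
  printf '%s\n' "$@" > "$d/$n.ext"
  if [ "$ca" = self ]; then
    openssl x509 -req -in "$d/$n.csr" -signkey "$d/$n.key" -days 3650 \
      -out "$d/$n.crt" -extfile "$d/$n.ext" 2>/dev/null
  else
    openssl x509 -req -in "$d/$n.csr" -CA "$d/$ca.crt" -CAkey "$d/$ca.key" \
      -CAcreateserial -days 365 -out "$d/$n.crt" -extfile "$d/$n.ext" 2>/dev/null
  fi
}

build_pki() {
  make_csr "$1" root "Example Root CA"
  issue "$1" root self "basicConstraints=critical,CA:TRUE" \
    "keyUsage=critical,keyCertSign,cRLSign" "subjectKeyIdentifier=hash"
  # pathlen:0 means the intermediate may sign leaves but no further CAs.
  make_csr "$1" int "Example Intermediate CA"
  issue "$1" int root "basicConstraints=critical,CA:TRUE,pathlen:0" \
    "keyUsage=critical,keyCertSign,cRLSign" "subjectKeyIdentifier=hash"
  # Server leaf: identity in the SAN, EKU limited to serverAuth.
  make_csr "$1" server www.example.test
  issue "$1" server int "basicConstraints=CA:FALSE" \
    "keyUsage=digitalSignature,keyEncipherment" "extendedKeyUsage=serverAuth" \
    "subjectAltName=DNS:www.example.test"
  # Client leaf: what a browser or service presents for mutual TLS.
  make_csr "$1" client alice
  issue "$1" client int "basicConstraints=CA:FALSE" \
    "keyUsage=digitalSignature" "extendedKeyUsage=clientAuth"
}

# Verify a leaf: root is the trust anchor, the intermediate is supplied but
# untrusted, -purpose enforces keyUsage/EKU. $1=dir $2=leaf $3=sslserver|sslclient
verify_leaf() {
  openssl verify -purpose "$3" -CAfile "$1/root.crt" -untrusted "$1/int.crt" \
    "$1/$2" >/dev/null 2>&1
}
```

Source the file, run `build_pki /tmp/pki`, then `verify_leaf /tmp/pki server.crt sslserver` succeeds while `verify_leaf /tmp/pki client.crt sslserver` fails, which is the point of the keyUsage/EKU restrictions on each leaf.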