1 BEYOND SECRET STORAGE Brett Mack @phpops Using Vault & The PKI Backend To Harden Your Infrastructure
Vault: Beyond secret storage - Using Vault to harden your infrastructure
Jan 11, 2017
Welcome message from author
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
1
BEYOND SECRET STORAGE
Brett Mack@phpops
Using Vault & The PKI Backend To Harden Your Infrastructure
2
ABOUT ME
BRETT MACK
DevOps Consultant OpenCredo
3
Agenda
• What is PKI • How can we achieve this with Vault • Brief Demo • Issues we encountered • Conclusion / Where we go from here
5
9
What is PKI
A public key infrastructure (PKI) supports the distribution and identification of public encryption keys, enabling users and computers to both securely exchange data
over networks such as the Internet and verify the identity of the other party
10
What is PKI
X.509
X.509v3 - PKIX
11
What is PKI
Certificate
12
What is PKI
Intermediate CA
Certificate
13
What is PKI
ROOT CA
Intermediate CA
Certificate
14
DEMO
15
Issues
16
Where to go from here
Content-Security-Policy
Public-Key-Pins
Strict-Transport-Security
17
18
We’re Hiring
https://opencredo.com
https://opencredo.com/blog
https://github.com/opencredo/vault-pki-demo
Related Documents
