Public Key Infrastructure (PKI) Lab

Introduction

This lab explores the foundation of Public Key Infrastructure (PKI), focusing on digital certificate creation, Certificate Authority (CA) configuration, and web server authentication. PKI provides the necessary trust model to validate public keys, protecting users from Man-in-the-Middle (MITM) attacks during encrypted web communication. The lab also simulates a real-world attack scenario where a compromised CA is used to sign a malicious certificate.

Design

The lab environment was created using Docker containers and configured to simulate secure and insecure HTTPS scenarios. It included generating a self-signed root CA certificate, signing server certificates for a legitimate domain, and forging a certificate for a malicious domain to study browser behavior under compromised trust conditions.

Docker was set up with shared volumes for transferring keys and certificates between the host and containers. OpenSSL was used for certificate creation and signing, while Apache was configured to serve HTTPS traffic using the generated certificates.

The lab infrastructure included:

• Host A (10.9.0.5): Certificate Authority and client system
• Host B (10.9.0.6): Legitimate Apache web server
• Host M (10.9.0.105): Attacker simulating a MITM attack

My goal

My goals in this lab included:

• Understanding the core components of PKI (CA, certificates, private/public keys).
• Creating and managing a self-signed root CA.
• Generating and signing CSRs (Certificate Signing Requests).
• Deploying certificates on an HTTPS server.
• Simulating an MITM attack using a forged certificate to study browser responses.

Results & Conclusion

The lab successfully demonstrated both the protection and vulnerabilities of PKI systems.

• A trusted HTTPS website was hosted at https://www.corpuz25.com, using a certificate signed by the custom root CA.
• Subject Alternative Names (SANs) were included to support multiple aliases.
• Apache was configured with the signed certificate and private key, providing a secure connection recognized by browsers after importing the root CA.
• A malicious domain, https://www.korpuz25.com, was created and assigned a forged certificate also signed by the same CA.
• Browsers displayed security warnings unless the fake CA was manually trusted, showing the impact of a compromised CA.

Pros:

• Gained experience generating and inspecting X.509 certificates.
• Observed the impact of CA compromise on user trust and browser validation.
• Hands-on insight into how HTTPS secures communication.

Cons:

• Browser trust decisions can be bypassed by uninformed users.
• Key management and certificate revocation are complex in real-world scenarios.
• Forged certificates from a compromised CA remain dangerous without proper validation checks.

This lab underscored the importance of secure key storage, certificate verification, and user awareness. While PKI provides strong security guarantees, its effectiveness depends on trusted CAs, user caution, and secure implementation practices.

References

• SEED Labs – Public Key Infrastructure (PKI). Wenliang Du. https://seedsecuritylabs.org/Labs_20.04/PKI/
• SEED Labs – TLS Lab (Companion Lab). https://seedsecuritylabs.org/Labs_20.04/TLS/
• OpenSSL Documentation. (n.d.). https://www.openssl.org/docs/
• Full Write Up: Source