Nethence Systems - Public Key Infrastructure

systems, network & storage engineering

UNIX / Linux | Distributed Storage | Cloud & Virtualization | Public Key Infrastructure

Applied cryptography

public PKI

Fine-tune ciphers, parameters and get an A+ on SSL Labs

• SSL offloading and load-balancing with HAProxy
• consolidate and harmonize public usage of SSL certificates

private PKI

Either using internal DNS view with public certificates –or– using a private Certification Authority with a managed workstation fleet:

• setup a private CA and internal DNS
• maintain CA’s public key on devices and employees' equipments
• consolidate and harmonize corporate usage of SSL certificates

IDM

Setup Samba4 for AD-capable products and Windows workstations.

hardening

What is missing in the CIA acronym (Confidentiality, Integrity, Availability)? How to prevent Meet in the Middle attacks? Authentication – Trusted Platform Module (TPM) powered SSL client certificates – and eventually spare the pain of setting up an SSO.

Keywords

IDM: NIS LDAP OpenLDAP “389 Directory Server” RHDS “Apache Directory” Samba3+LDAP Samba4 FreeIPA Keycloak OAuth2 Yubikey SIM “Smart card” TPM

PKI: X509 PKIX SSL TLS LibreSSL MITM DPI “SSL interception” “SSL termination” “SSL offloading”

HA & LBS: NGINX HAProxy WS WSS websocket Varnish Keepalived Linux-HA Heartbeat RHCS MC/SC MC/ServiceGuard Cloudflare “AWS CloudFront”

Interested?

Contact us for a quote!

<contact@nethence.com> (STARTTLS)

+33 970 466 833 (French number)