What is public key infrastructure?

Public key infrastructure (PKI) is a system of hardware, software, people, policies, documents, and procedures. It includes the creation, issuance, management, distribution, usage, storage, and revocation of digital certificates. These certificates are then used to authenticate the identities of various actors across the data transfer process. They also assure that the data being moved between these actors is secured and encrypted in a way that both parties can decrypt. This way, information is only being sent to and received from known and trusted sources, and both parties are assured of the information's integrity. To learn more about the encryption and decryption processes that are used in data transfer and storage, see the What is Cryptography? section of this guide.

PKI trust is established by a certificate authority, which is an organization or governing body that can issue certificates and verify the identity of the certificate requestor. AWS offers multiple PKI certificate authority services that can help you easily and securely manage your certificate infrastructure.

To learn more about the terms and concepts used in PKI, see PKI Concepts.

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

AWS PKI services

PKI concepts