Microsoft PKI In-depth Training – Charleston June 10-14, 2019


PKI Solutions In-depth 5 day hands-on training

SKU: PKI In-depth Class - Onsite Category:


All of our training courses are available for private delivery onsite at your organization. For a fixed fee accommodating up to 10 students, our private deliveries enable to you avoid employee travel, out of office issues and provides a schedule that meets your needs. Ask us for details on how to book a delivery.

The ability to design and manage a Public Key Infrastructure (PKI) is highly dependent on the skills and knowledge of those managing it. This course is a deep-dive into PKI and Active Directory Certificate Services (ADCS) by focusing on building knowledge and skills with all of its features. There is a strong emphasis on security, best practices, and hands-on skills labs.

Class audience: This course is recommended for anyone using, managing, deploying or designing PKI solutions with ADCS components.

Course details: Download here.


Class syllabus

Certificates & Certificate Stores

  • Digital Certificates
  • Keypairs
  • Windows Certificate Stores

Certification Authorities (CA) and Hierarchies

  • Certification Authorities
  • Trusted Root Certificates
  • PKI Definition Documents

Crypto Service Providers, Algorithms, and Keys

  • CSP overview
  • Crypto Next Generation
  • Suite-B compatibility
  • Cryptographic Functions
    • Encryption Types
    • Hashing
    • Cryptographic Keys
    • Key Types
    • Key Lengths

Certificate Revocation Lists

  • Base and Delta CRL Overview
  • CRL Overlap
  • Design Principles

LAB 1: Deploy a 2-tier PKI

Certificate Validation

  • Chain Building
  • Revocation checking
  • Troubleshooting Tools and Techniques

Online Certificate Status Protocol

  • Overview
  • OCSP Process
  • Limitations
  • Design Configurations
  • Weaknesses

Lab 2: Deploy an OCSP Responder

Enterprise Templates

  • Overview
  • Template Schema Versions
  • Template Properties
  • Template Configuration Versioning

Certificate Enrollment

  • Enrollment Overview
  • Certificate Authority Web Enrollment (CAWE)
  • Cross Forest Enrollment

Automated Certificate Enrollment

  • Certificate Autoenrollment Overview
  • Group Policy Settings
  • Autoenrollment Processes
  • Troubleshooting

Certificate Enrollment Web Services (CES/CEP)

  • Overview
  • Infrastructure Requirements
  • Installation & Configuration
  • Troubleshooting

LAB 3: Deploy CES/CEP

Renewing, Upgrading and Migrating CAs

  • CA Renewals
  • OS Upgrades
  • Migration Scenarios
  • Migration Process

High Availability

Disaster Recovery

Cloud PKI Architecture

What’s New in 2016

Common ADCS Mistakes

ADCS Known Issues

Troubleshooting CA Issues

ADCS Debug Logs

ADCS Configuration