Quick Answers to Common Questions
Navigating PKI and digital certificate management can be complex. This FAQ section breaks down key concepts and common questions, giving you the clarity you need to manage risk, maintain compliance, and build a more secure digital foundation with Quantum PKI.
Public Key Infrastructure (PKI)
What is Public Key Infrastructure (PKI)?
Public Key Infrastructure (PKI) is the system that keeps communication on the internet secure. It uses digital certificates and encryption to verify identities and protect sensitive data between users, websites, and systems. At its core, PKI is a framework of technologies, processes, and policies that can be applied to both public networks and private systems.
Quantum PKI helps organizations simplify and automate PKI management, ensuring secure, compliant, and efficient operations.
What is a Digital Certificate?
A digital certificate is an electronic document that proves the identity of a website, server, or organization online. It works like a digital ID card, ensuring that the party you are communicating with is legitimate and that your data is encrypted and secure. Digital certificates are the foundation of PKI, SSL/TLS, and secure internet communication, and they can be used for encryption, authentication, and digital signatures.
Quantum PKI helps organizations issue, manage, and automate digital certificates, keeping systems safe, compliant, and efficient.
What is an SSL/TLS Certificate?
SSL/TLS certificates encrypt data between two endpoints, such as a website and a browser, ensuring sensitive information such as passwords, payment details, and personal data stays private and secure.
Quantum PKI assist customers in selecting the correct certificates and ensuring that they are properly installed.
What does Hyper Text Transport Protocol Secure (HTTPS) mean?
HTTPS is the secure version of HTTP. When a website uses HTTPS, all data exchanged between the browser and server is encrypted, preventing attackers from intercepting information.
What is a Certificate Authority (CA)?
A Certificate Authority (CA) is a trusted, third-party organization that validates the identity of entities—such as websites, companies, or individuals—and binds them to cryptographic keys via digital certificates. CAs underpin internet security by issuing SSL/TLS certificates, which enable HTTPS and prove a site is secure and trustworthy. CAs can operate in both public and private trust environments, issuing certificates for internal networks as well as publicly accessible websites.
What is a private Certificate Authority (CA)?
A private certificate authority (private CA) is a system you control that issues digital certificates used to verify identities and enable secure communication, like public CAs but restricted to your own organization or environment.
What is a public Certificate Authority (CA)?
A public trust certificate authority (public CA) is an organization that issues digital certificates that are automatically trusted by browsers, operating systems, and devices worldwide.
Quantum PKI works with global CAs such as; Sectigo, GlobalSign, and HID Global and helps you choose the right one for your organization’s needs.
What is the CA/Browser Forum?
The CA/Browser Forum isn’t a security measure on your website, but it plays a vital role in maintaining trust in web PKI. It is a collaborative forum where certificate authorities and browser vendors (Google – Chrome, Microsoft – Edge, Apple – Safari, Mozilla – Firefox and Opera – Opera Browser) define rules and standards for issuing SSL/TLS certificates, secure emails (S/MIME) and Code Signing certificates.
What is a PKI Health Check?
A PKI health check is a point-in-time assessment of your certificate environment. It identifies potential risks such as expired or misconfigured certificates, weak encryption, or other issues that could impact the security and reliability of your Public Key Infrastructure (PKI). This assessment provides actionable insights to help you maintain a strong and secure PKI.
Quantum PKI offers this service to organizations through in-depth analysis and audit of your PKI operations.
What is PKI Hygiene?
PKI hygiene is the ongoing practice of keeping your certificate environment clean, secure, and well-managed. It goes beyond certificate management, encompassing the right combination of technologies, processes, policies, and people to maintain a strong and resilient PKI. While a PKI health check identifies potential problems at a point in time, PKI hygiene is about preventing issues from occurring in the first place. Together, they help maintain a secure, reliable, and fully trusted PKI environment.
Certificate Lifecycle Management (CLM)
What is Certificate Lifecycle Management (CLM)?
CLM is the process of managing digital certificates, including; discovery/visibility, issuance, deployment, activation, monitoring, renewal, reporting, replacement and revocation of certificates.
Quantum PKI works with trusted industry vendors to help organizations implement discovery, automation, and policy, which minimizes outages and maintains a secure environment.
What is Certificate Automation?
Certificate automation uses software tools to automatically manage certificates. With industry mandates for shorter certificate lifespans were further reduced 15 March 2026, automation ensures compliance without manual effort.
What are the planned changes to the timeline for shorter lived public trusted SSL/TLS certificates?
Publicly trusted SSL/TLS certificates are moving toward shorter lifespans to improve security. The current CAB Forum schedule is:
- March 15, 2026 — Maximum validity: 200 days
- March 15, 2027 — Maximum validity: 100 days
- March 15, 2029 — Maximum validity: 47 days
Shorter lifespans reduce the risk if a certificate is compromised, but they also mean certificates need to be renewed more frequently.
Quantum PKI helps organizations automate certificate management, ensuring continuous security and compliance without manual effort.
What is Internal/External Certificate Discovery?
Internal and external certificate discovery involves scanning both your private Certificate Authorities (CAs) and public-facing CAs across your network and domains.
Quantum PKI can scan internal networks and public domains to identify crypto related compliance gaps, ensuring your PKI environment remains secure and trustworthy.
Post-Quantum Cryptography (PQC)
What is Post-Quantum Cryptography (PQC) Readiness?
PQC readiness is the process of preparing your operational infrastructure including, PKI and cryptographic systems for quantum computing by transitioning to quantum-resistant algorithms and identifying where upgrades are needed; with a focus on cryptographic dependencies in hardware, firmware and software. Post-quantum cryptography (PQC) migration is a major upcoming challenge.
Quantum PKI in alignment with trusted cryptographic authorities helps clients with their postquantum transformation by providing expertise and solutions that guides your transition to best address long-term protection against quantum threats.
What is Cryptography?
Cryptography is the practice of protecting information by transforming it into a secure format that only authorized parties can read. It is the foundation of PKI, SSL/TLS certificates, and secure internet communication. Cryptography ensures that data sent between users, websites, and systems remains private, cannot be tampered with, and can be trusted.
Quantum PKI uses modern cryptography standards to keep your certificates and networks secure.
What is Crypto Agility?
Crypto Agility is the ability of your organization’s operational infrastructure to quickly adapt to cryptographic changes. With evolving technologies and standards, such as shorter certificate lifespans, new algorithms, or post-quantum cryptography (PQC) — crypto agility reduces your threat exposure and keeps your cryptographic infrastructure secure and compliant.
Quantum PKI helps organizations achieve a crypto-agile environment to align cryptography efficiently as standards evolve.
Take Control of Your PKI Environment
You’ve seen how critical PKI, certificates, and cryptography are to securing modern digital environments, but managing them at scale is complex, time-consuming, and increases risk without automation.
Quantum PKI helps you simplify certificate lifecycle management, eliminate blind spots, and stay ahead of evolving industry standards, including shorter certificate lifespans and post-quantum cryptography readiness.
Gain visibility. Reduce risk. Stay compliant.
Ready to Strengthen Your PKI Strategy?
Speak with a Quantum PKI expert to assess your environment, identify risks, and build a roadmap toward a secure, automated, future ready PKI for a quantum world.