DevOps Camp Preview: Automating PKI

DevOps/DSC Camp isn’t a conference – it’s a “working group” of enthusiastic professionals who share their experiences, practices, challenges, and triumphs. Only 20 people are admitted and we have a high alumni rate – and alumni are asked to prepare a presentation. No, we don’t record or stream – you need to be here live! Register at Here’s one alumni session currently proposed:

Automate a Best Practice PKI Infrastructure Using DSC

Missy Januszko

One of the biggest struggles I had when learning DSC was getting encrypted credentials to work.  My initial testing environment had a Windows 2008 R2 PKI and setting up the template for document encryption – and at the time, with limited documentation – wasn’t easy.  Once I had the template functional, I thought it would be “fun” to automate some PKI builds, including single-tier and two-tier PKI builds using DSC, including a DSC template that could automatically deploy a document encryption certificate to nodes.  I will review the steps and code for a single-tier PKI (which currently works in autolab) and the changes and struggles when switching it to a two-tier PKI.  Maybe I’ll even have it all working by then.  🙂

Don’s note: This is another thing I love about Camp. Missy’s pretty much the Diva of PKI in my mind, but it’s been an uphill battle to get all these bits working. At a conference, she’d probably never present this in a semi-finished form, but at Camp she absolutely can. We’re far more interested, as a group, in seeing how it’s put together and maybe offering a suggestion or two than we are in simply being lectured at.

One thought on “DevOps Camp Preview: Automating PKI

  1. Douglas DeCamp

    I would love to read a follow up blog about this, what was discussed or even accomplished due to the conversations had about the DSC template in switching to a two tier PKI infrastructure model.

Comments are closed