Infisical can be used to create a Private Certificate Authority (CA) hierarchy and issue X.509 certificates for internal use. This allows you to manage your own PKI infrastructure and issue digital certificates for subscribers such as services, applications, and devices.

Infisical’s PKI offering is split into three components:

  • Certificate Authorities: Create and manage private CAs, including root and intermediate CAs.
  • Subscribers: Define and manage entities that will request X.509 certificates from CAs. This module provides a centralized view of all subscribers, enabling you to issue certificates and monitor their status.
  • Certificates: Track and monitor issued X.509 certificates, maintaining a comprehensive inventory of all active and expired certificates.