PKI system is currently an important facility for users to securely access basic resources. It ensures the security of users’ access to resources through public third-party authentication. With the gradual deployment and application of PKI technology, various security issues in deployment arise. Attackers can steal user information and disrupt user access by attacking the PKI system. This study starts from the basic working principle of PKI and comprehensively introduces all the elements involved in the practical deployment and application of the PKI system, including PKI architecture, workflow, certificates, certificate chains, certificate revocation, and CI log services. Based on the basic working principles of PKI, this study focuses on comprehensively sorting out and summarizing the security issues that the PKI system faces during its operation from the perspective of PKI system security, including operational and technical risks, measurement and risk detection of PKI system, and various risk prevention technologies for PKI systems. Finally, future research directions in the field of PKI are prospected.