We would like to introduce a scheme to provide complete functions to operate a public key infrastructure (PKI) on a peer-to-peer environment and a subsystem to store private keys in a peer-to-peer system, and we would use PPPKI for this peer-to-peer PKI scheme. Peer-to-peer systems have many advantages, for example, they withstand DoS attacks and can not be shutdown easily. Therefore, there are many possibilities on peer-to-peer systems. Besides, PKI is a very important infrastructure, which is the base of many electronic applications. PPPKI provides complete functions to operate a PKI system. The functions we design are to create a certificate, to insert a certificate into a peer-to-peer system, to revoke a certificate, and to change the information in a certificate (rekey). Moreover, a scheme to store private keys in the peer-to-peer system is proposed in this paper as a subsystem of PPPKI. If private keys are encrypted and stored in a central database, a manager of the database can use brute-force and dictionary attacks to compromise the private key in a off-line manner. In contrast, any cracker can only try constant times to get encrypted private keys in PPPKI’s subsystem. This probability is almost negligible. Besides the basic functions, we suggest a helper mechanism to prevent a man in the middle (MITM) attack. In a pure peer-to-peer environment, there is no centralized authority, like KDC, to provide a secure communication method between two arbitrary nodes. Consequently, MITM is a serious threat in such an environment. At last, we design a simulation to estimate the resource needed by PPPKI and the performance presented by PPPKI. We found that we can have PPPKI work well with limited resources.