Post-quantum cryptography (PQC) is becoming a critical requirement for modern security infrastructures. In this workshop, we explore how to build a hybrid post-quantum PKI using EJBCA, leveraging hybrid certificates that combine classic cryptographic algorithms like ECDSA with post-quantum algorithms such as MLDSA. The workshop also includes a hands-on demonstration where we set up a hybrid PKI, generate cryptographic keys, create a certificate authority (CA) hierarchy, and issue certificates using CMP with indirect proof of possession. This practical approach showcases how organizations can prepare for post-quantum security while maintaining compatibility with existing systems.