Verifying a certificate
First Claim
1. A method, comprising:
- receiving, from an application on a mobile device, a request to connect to a Virtual Private Network (VPN) server;
obtaining, at the mobile device, a certificate of the VPN server;
performing, at the mobile device, a device-level certificate verification based on the certificate according to a device-level security policy;
in response to the device-level certificate verification being successful, determining, at the mobile device, whether an application-level certificate verification for the certificate of the VPN server is provisioned for the application;
in response to determining that the application-level certification verification is provisioned, performing, at the mobile device, the application-level certificate verification based on the certificate of the VPN server according to an application-level security policy associated with the application, wherein the application-level security policy is different than the device-level security policy; and
in response to verifying that the certificate passes the application-level certificate verification, connecting to the VPN server.
3 Assignments
0 Petitions
Accused Products
Abstract
Systems, methods, and software can be used to verify a certificate. In some aspects, a request to connect to a Virtual Private Network (VPN) server is received from an application on a mobile device. A certificate of the VPN server is obtained at the mobile device. A device-level certificate verification for the certificate is performed. Whether an application-level certificate verification is provisioned for the application is determined. In response to determining that the application-level certification verification is provisioned, the application-level certificate verification for the certificate is performed. In response to verifying that the certificate passes the application-level certificate verification, the mobile device is connected to the VPN server.
-
Citations
20 Claims
-
1. A method, comprising:
-
receiving, from an application on a mobile device, a request to connect to a Virtual Private Network (VPN) server; obtaining, at the mobile device, a certificate of the VPN server; performing, at the mobile device, a device-level certificate verification based on the certificate according to a device-level security policy; in response to the device-level certificate verification being successful, determining, at the mobile device, whether an application-level certificate verification for the certificate of the VPN server is provisioned for the application; in response to determining that the application-level certification verification is provisioned, performing, at the mobile device, the application-level certificate verification based on the certificate of the VPN server according to an application-level security policy associated with the application, wherein the application-level security policy is different than the device-level security policy; and in response to verifying that the certificate passes the application-level certificate verification, connecting to the VPN server. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A mobile device, comprising:
-
a memory; and at least one hardware processor communicatively coupled with the memory and configured to; receive, from an application on the mobile device, a request to connect to a Virtual Private Network (VPN) server; obtain, at the mobile device, a certificate of the VPN server; perform, at the mobile device, a device-level certificate verification based on the certificate according to a device-level security policy; in response to the device-level certificate verification being successful, determine, at the mobile device, whether an application-level certificate verification for the certificate of the VPN server is provisioned for the application; in response to determining that the application-level certification verification is provisioned, perform, at the mobile device, the application-level certificate verification based on the certificate of the VPN server according to an application-level security policy associated with the application, wherein the application-level security policy is different than the device-level security policy; and in response to verifying that the certificate passes the application-level certificate verification, connect to the VPN server. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A non-transitory computer-readable medium containing instructions which, when executed, cause a computing device to perform operations comprising:
-
receiving, from an application on a mobile device, a request to connect to a Virtual Private Network (VPN) server; obtaining, at the mobile device, a certificate of the VPN server; performing, at the mobile device, a device-level certificate verification based on the certificate according to a device-level security policy; in response to the device-level certificate verification being successful, determining, at the mobile device, whether an application-level certificate verification for the certificate of the VPN server is provisioned for the application; in response to determining that the application-level certification verification is provisioned, performing, at the mobile device, the application-level certificate verification based on the certificate of the VPN server according to an application-level security policy associated with the application, wherein the application-level security policy is different than the device-level security policy; and in response to verifying that the certificate passes the application-level certificate verification, connecting to the VPN server. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification