METHOD AND SYSTEM FOR THE DIGITAL CERTIFICATE GENERATION AND DISTRIBUTION
Abstract
Method and system aspects for automated generation and distribution of certificates in a computer network of computer systems are described. These aspects include generating a request by a first computer system for a certificate from a second computer system, and responding to the request in the second computer system by automatically generating the certificate and distributing the certificate to the first computer system. Further, generating a request includes issuing a POST/CERTREQ request, and sending a self-signed certificate from the first computer system to the second computer system using HTTP. Automatically generating the certificate includes sending a sequence of certificates to the first computer system, the sequence of certificates including the newly generated certificate of the first computer system with a signature from the second computer system and a self-signed certificate from the second computer system.
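The certificate operations behind the exchange described in the abstract, as an added Go example that is not code from the patent. The HTTP POST/CERTREQ transport is omitted, and the function names, Ed25519 keys, 24-hour lifetime and the agent's pinned copy of the manager certificate are assumptions of this sketch.

```go
package main
import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// issue signs a certificate for pub with key; a nil parent makes it self-signed.
func issue(cn string, ku x509.KeyUsage, parent *x509.Certificate, pub interface{}, key ed25519.PrivateKey) (*x509.Certificate, error) {
	t := &x509.Certificate{SerialNumber: big.NewInt(time.Now().UnixNano()), Subject: pkix.Name{CommonName: cn}, KeyUsage: ku,
		BasicConstraintsValid: true, IsCA: ku&x509.KeyUsageCertSign != 0, NotBefore: time.Now().Add(-time.Minute), NotAfter: time.Now().Add(24 * time.Hour)}
	if parent == nil {
		parent = t
	}
	der, err := x509.CreateCertificate(rand.Reader, t, parent, pub, key)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}
// managerIssue takes the agent's self-signed certificate (the request body) and returns the certificate sequence.
func managerIssue(mc *x509.Certificate, mk ed25519.PrivateKey, req *x509.Certificate) ([]*x509.Certificate, error) {
	// A valid self-signature shows the requester holds the private key being certified.
	if err := req.CheckSignature(req.SignatureAlgorithm, req.RawTBSCertificate, req.Signature); err != nil {
		return nil, err
	}
	issued, err := issue(req.Subject.CommonName, x509.KeyUsageDigitalSignature, mc, req.PublicKey, mk)
	return []*x509.Certificate{issued, mc}, err
}
// agentAccept checks the sequence against a manager certificate the agent already holds (assumption: pinned).
func agentAccept(seq []*x509.Certificate, pinned *x509.Certificate, ak ed25519.PrivateKey) error {
	if len(seq) != 2 || !seq[1].Equal(pinned) || !ak.Public().(ed25519.PublicKey).Equal(seq[0].PublicKey) {
		return fmt.Errorf("unexpected manager certificate or certified key")
	}
	roots := x509.NewCertPool()
	roots.AddCert(pinned)
	_, err := seq[0].Verify(x509.VerifyOptions{Roots: roots, KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageAny}})
	return err
}
func main() {
	_, mk, _ := ed25519.GenerateKey(rand.Reader)
	_, ak, _ := ed25519.GenerateKey(rand.Reader)
	mc, _ := issue("manager", x509.KeyUsageCertSign, nil, mk.Public(), mk)
	req, _ := issue("agent", x509.KeyUsageDigitalSignature, nil, ak.Public(), ak)
	seq, _ := managerIssue(mc, mk, req)
	fmt.Println("agent accepts:", agentAccept(seq, mc, ak) == nil)
}
```

Because the second certificate in the sequence is self-signed, the chain check only ties the agent certificate to that manager key; the sketch compares it with a pinned copy so that a sequence from a different manager is rejected.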
25 Claims
1. A system for automated generation and distribution of certificates within a computer network of computer systems, the system comprising:
a first computer system, the first computer system acting as an agent system, the agent system making a request for a certificate authenticating the agent system via a first registration/discovery port of the agent system; and
a second computer system, the second computer system acting as a manager system, the manager system receiving the request and automatically generating the certificate authenticating the agent system in response to the request from the agent system via a second registration/discovery port of the manager system, wherein each of the first and second registration/discovery ports identifies computer systems in the computer network such that the agent system and the manager system achieve authenticated channel communication without reliance on a certificate authority.
(Dependent claims: 2, 3, 4, 5, 6, 7)
8. A method for automated generation and distribution of certificates in a computer network of computer systems, the method comprising:
generating a request by a first computer system for a certificate authenticating the first computer system from a second computer system via a first registration/discovery port of the first computer system; and
responding to the request in the second computer system by automatically generating the certificate authenticating the first computer system and distributing the certificate to the first computer system via a second registration/discovery port of the second computer system, wherein each of the first and second registration/discovery ports identifies computer systems in the computer network such that certificate generation occurs without reliance on a certificate authority.
(Dependent claims: 9, 10, 11, 12, 13)
14. A computer readable medium containing program instructions for automated generation and distribution of certificates in authenticated channel communication over an insecure computer network of computer systems, the program instructions comprising:
supporting a request by a first computer system for a certificate authenticating the first computer system from a second computer system via a first registration/discovery port of the first computer system; and
providing a response to the request in the second computer system by automatically generating the certificate authenticating the first computer system and distributing the certificate to the first computer system via a second registration/discovery port of the second computer system, wherein each of the first and second registration/discovery ports identifies computer systems in the insecure computer network such that certificate generation occurs without reliance on a certificate authority.
(Dependent claims: 15, 16, 17, 18, 19)
20. (Cancelled)
21. A network that allows for automated generation and distribution of certificates, the system comprising:
a plurality of computer systems, each of the computer systems including a port for making a request for a certificate authenticating the computer system and for generating a certificate authenticating another computer system in response to a request from another computer system, wherein the port identifies each of the plurality of computer systems such that authenticated channel communication can be achieved without reliance on a certificate authority.
22. A computer system which is utilized in a network which allows for automated generation and distribution of certificates, the computer system comprising:
a network device; and
a port coupled to the network device, the port for making a request for a certificate authenticating the computer system and for generating a certificate authenticating another computer system in response to a request from another computer system, wherein the port identifies each of the other computer systems on the network such that authenticated channel communication can be achieved without reliance on a certificate authority.
23. A system for automated generation and distribution of certificates within a computer network of computer systems, the system comprising:
a first computer system, the first computer system acting as an agent system, the agent system making a request for a certificate authenticating the agent system via a first registration/discovery port of the agent system; and
a second computer system, the second computer system acting as a manager system, the manager system receiving the request and automatically generating the certificate authenticating the agent system in response to the request from the agent system via a second registration/discovery port of the manager system, wherein each of the first and second registration/discovery ports identifies computer systems in the computer network such that the agent system and the manager system achieve authenticated channel communication without reliance on a certificate authority, wherein the agent system further sends a self-signed certificate to the manager system when making the request, and the manager system generates the certificate as part of a sequence of certificates, wherein the sequence of certificates comprises the newly generated certificate for the agent with a manager system signature and a manager self-signed certificate.
24. A method for automated generation and distribution of certificates in a computer network of computer systems, the method comprising:
generating a request by a first computer system for a certificate authenticating the first computer system from a second computer system via a first registration/discovery port of the first computer system, wherein generating a request further comprises sending a self-signed certificate from the first computer system to the second computer system; and
responding to the request in the second computer system by automatically generating the certificate authenticating the first computer system and distributing the certificate to the first computer system via a second registration/discovery port of the second computer system, wherein each of the first and second registration/discovery ports identifies computer systems in the computer network such that certificate generation occurs without reliance on a certificate authority, and wherein automatically generating the certificate further comprises sending a sequence of certificates to the first computer system, wherein the sequence of certificates comprises the newly generated certificate of the first computer system with a signature from the second computer system and a self-signed certificate from the second computer system.
25. A computer readable medium containing program instructions for automated generation and distribution of certificates in authenticated channel communication over an insecure computer network of computer systems, the program instructions comprising:
supporting a request by a first computer system for a certificate authenticating the first computer system from a second computer system via a first registration/discovery port of the first computer system, wherein the request further comprises sending a self-signed certificate from the first computer system to the second computer system; and
providing a response to the request in the second computer system by automatically generating the certificate authenticating the first computer system and distributing the certificate to the first computer system via a second registration/discovery port of the second computer system, wherein each of the first and second registration/discovery ports identifies computer systems in the insecure computer network such that certificate generation occurs without reliance on a certificate authority, wherein automatically generating the certificate further comprises sending a sequence of certificates to the first computer system, and wherein sending a sequence of certificates further comprises sending the newly generated certificate of the first computer system with a signature from the second computer system and a self-signed certificate from the second computer system.
Specification