Method for discovering digital certificates in a network
Abstract
Disclosed herein are several digital certificate discovery and management systems. Detailed information on various example embodiments of the inventions is provided in the Detailed Description below, and the inventions are defined by the appended claims.
16 Claims
1. A method for discovering digital certificates to servers on a network, said method comprising the steps of:
- receiving an address range corresponding to a network or network portion to be scanned,
- contacting network devices within the received address range, said contacting further intended to initiate the transmission of a digital certificate from each of the contacted network devices to said certificate discovery system,
- for each contacted network device transmitting a digital certificate, receiving the digital certificate,
- for each received digital certificate, creating a certificate record containing a certificate identification, wherein the certificate identification contains sufficient information to identify the received digital certificate and the network device from where it was transmitted, and
- storing created certificate records.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11
12. A method for discovering digital certificates to servers on a network, said method comprising the steps of:
- receiving an address range corresponding to a network or network portion to be scanned,
- contacting network devices within the received address range, said contacting further intended to initiate the transmission of a digital certificate from each of the contacted network devices to said certificate discovery system, said contacting including probing of IP port 443 using a secure sockets layer protocol,
- for network devices having servers installed thereto, attempting to identify the type of server for each,
- for each contacted network device transmitting a digital certificate, receiving the digital certificate,
- for each received digital certificate, parsing the certificates to retrieve beginning and ending dates of validity,
- for each received digital certificate, creating a certificate record containing a certificate identification, wherein the certificate identification contains sufficient information to identify the received digital certificate and the network device from where it was transmitted, and
- storing created certificate records to a database.
Dependent claims: 13, 14, 15
16. A method for discovering digital certificates to servers on a network, said method comprising the steps of:
- receiving an address range corresponding to a network or network portion to be scanned,
- contacting network devices within the received address range, said contacting further intended to initiate the transmission of a digital certificate from each of the contacted network devices to said certificate discovery system, said contacting including attempting to access the filesystems of the network devices to search for certificates installed thereto,
- for network devices having servers installed thereto, attempting to identify the type of server for each,
- for each contacted network device transmitting a digital certificate, receiving the digital certificate,
- for each received digital certificate, parsing the certificates to retrieve beginning and ending dates of validity,
- for each received digital certificate, creating a certificate record containing a certificate identification, wherein the certificate identification contains sufficient information to identify the received digital certificate and the network device from where it was transmitted, and
- storing created certificate records to a database.
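The probing, date-parsing and record-creation steps of claim 12, sketched as an added example for a certificate inventory of one's own address range; this is not code from the patent or its assignee. The function names, the record fields and `SAMPLE_DER` (a constructed DER skeleton, not a real certificate) are assumptions, and the validity dates are read with a small standard-library DER walk so that expired and self-signed certificates are recorded too.

```python
import hashlib, ipaddress, socket, ssl
from datetime import datetime, timezone

# Constructed skeleton (not a real certificate): DER up to the validity field only.
SAMPLE_DER = (bytes.fromhex("302e302ca00302010202010130003000301e")
              + b"\x17\x0d" + b"240101000000Z" + b"\x17\x0d" + b"250101000000Z")

def read_tlv(buf, pos):
    """Read one DER element at pos; return (tag, value_start, value_end)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                       # long form: low 7 bits = number of length bytes
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, pos, pos + length

def validity(der):
    """Return (not_before, not_after) as UTC datetimes from a DER X.509 certificate."""
    _, pos, _ = read_tlv(der, 0)            # Certificate SEQUENCE
    _, pos, _ = read_tlv(der, pos)          # tbsCertificate SEQUENCE
    skip = 4 if der[pos] == 0xA0 else 3     # [0] version is optional; then serial, signature, issuer
    for _ in range(skip):
        _, _, pos = read_tlv(der, pos)
    _, pos, _ = read_tlv(der, pos)          # validity SEQUENCE
    dates = []
    for _ in range(2):
        tag, start, pos = read_tlv(der, pos)
        text = der[start:pos].decode("ascii")
        if tag == 0x17:                     # UTCTime: 2-digit year, RFC 5280 pivot at 50
            text = ("19" if int(text[:2]) >= 50 else "20") + text
        dates.append(datetime.strptime(text, "%Y%m%d%H%M%SZ").replace(tzinfo=timezone.utc))
    return tuple(dates)

def fetch_der(host, port=443):
    """TLS-probe host:port; return the server certificate (DER) or None."""
    ctx = ssl.create_default_context()
    ctx.check_hostname, ctx.verify_mode = False, ssl.CERT_NONE  # keep expired/self-signed certs
    try:
        with socket.create_connection((host, port), timeout=3) as s, ctx.wrap_socket(s, server_hostname=host) as tls:
            return tls.getpeercert(binary_form=True)
    except OSError:                         # refused, timed out, or not speaking TLS
        return None

def discover(cidr, fetch=fetch_der, port=443):
    """Yield one certificate record per responding host in the address range."""
    for ip in ipaddress.ip_network(cidr).hosts():
        der = fetch(str(ip), port)
        if der:
            not_before, not_after = validity(der)
            yield {"host": str(ip), "port": port, "sha256": hashlib.sha256(der).hexdigest(),
                   "not_before": not_before, "not_after": not_after}
```

The `fetch` parameter lets the record-building logic be exercised offline, for example with `list(discover("192.0.2.0/30", fetch=lambda h, p: SAMPLE_DER))`.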
Specification