Method for automated installation of digital certificates to network servers

US 20050078830A1
Filed: 08/13/2004
Published: 04/14/2005
Est. Priority Date: 08/15/2003
Status: Abandoned Application

First Claim

Patent Images

1. A method for operating a centralized certificate installation system for automating the installation of digital certificates received from certificate authorities to a group of network servers, said method comprising the steps of:

receiving a certificate signed by a certificate authority generated from a certificate signing request by way of the network interface, identifying a destination network server corresponding to a received certificate signed by a certificate authority, determining a network server type, said network server types providing at least the type of server software installed to the identified destination network server, and performing a set of installation steps, the performed set of installation steps applicable to the determined network server type, the performance of the set of installation steps including the transferring of the received certificate to the destination network server by way of said network interface.

View all claims

5 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Disclosed herein are several digital certificate discovery and management systems. Detailed information on various example embodiments of the inventions are provided in the Detailed Description below, and the inventions are defined by the appended claims.

36 Citations

View as Search Results

20 Claims

1. A method for operating a centralized certificate installation system for automating the installation of digital certificates received from certificate authorities to a group of network servers, said method comprising the steps of:
- receiving a certificate signed by a certificate authority generated from a certificate signing request by way of the network interface, identifying a destination network server corresponding to a received certificate signed by a certificate authority, determining a network server type, said network server types providing at least the type of server software installed to the identified destination network server, and performing a set of installation steps, the performed set of installation steps applicable to the determined network server type, the performance of the set of installation steps including the transferring of the received certificate to the destination network server by way of said network interface.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. A method according to claim 1, further comprising the steps of:
    - operating an SMTP service;
      
      receiving an e-mail message by the SMTP service, the e-mail message containing a certificate signed by a certificate authority;
      
      parsing an e-mail message containing a certificate signed by a certificate authority to extract that certificate for installation.
  - 3. A method according to claim 1, further comprising the steps of:
    - upon receiving a certificate signed by a certificate authority, and optionally after identifying a destination network server, notifying a person that the received certificate is ready to be installed; and
      
      prior to performing the set of installation steps, receiving an approval indication from a person indicating that a certificate is to be installed.
  - 4. A method according to claim 1, wherein said performing a set of installation steps includes steps for automated controlling of a network interface provided by a web server.
  - 5. A method according to claim 1, wherein said performing a set of installation steps includes steps for automated controlling of a shell interface.
  - 6. A method according to claim 1, wherein said performing a set of installation steps includes steps for transmission and installation of a certificate through a server agent program.
  - 7. A method according to claim 1, wherein said performing a set of installation steps includes steps for restarting a destination server program.
  - 8. A method according to claim 1, wherein said performing a set of installation steps includes steps for restarting a destination server computer.
  - 9. A method according to claim 1, wherein said performing a set of installation steps includes steps for notifying an administrator to restart a destination server program or destination server computer.
  - 10. A method according to claim 1, further comprising the step of confirming the installation of a received certificate to a destination server following the performance of a set of installation steps.
  - 11. A method according to claim 10, further comprising the step of generating an alert to an administrator if the installation of a received certificate to a destination server is not confirmed.

12. A method for operating a centralized certificate installation system for automating the installation of digital certificates received from certificate authorities to a group of network servers, said method comprising the steps of:
- receiving a certificate signed by a certificate authority generated from a certificate signing request by way of said network interface, identifying a destination network server corresponding to a received certificate signed by a certificate authority, determining a network server type, said network server types providing at least the type of server software installed to the identified destination network server, said determining being performed by retrieving a server type from a database having an entry for the identified destination network server;
  
  performing a set of installation steps, the performed set of installation steps applicable to the determined network server type, the performance of the set of installation steps utilizing said authentication objects applicable to the destination network server, the performance of the set of installation steps including the transferring of the received certificate to the destination network server by way of the network interface; and
  
  confirming the installation of a received certificate to a destination server following the performance of a set of installation steps.
- View Dependent Claims (13, 14, 15, 16, 17, 18)
- - 13. A method according to claim 12, further comprising the step of automatically configuring a destination network server to support SSL operation.
  - 14. A method according to claim 12, further comprising the steps of:
    - upon receiving a certificate signed by a certificate authority, and optionally after identifying a destination network server, notifying a person that the received certificate is ready to be installed; and
      
      prior to performing the set of installation steps, receiving an approval indication from a person indicating that a certificate is to be installed.
  - 15. A method according to claim 12, wherein said performing a set of installation steps includes steps for automated controlling of an interface selected from the group of network interfaces provided by a web server, a shell interface and server agent program interface.
  - 16. A method according to claim 12, wherein said performing a set of installation steps includes steps for restarting a destination server program or destination server computer.
  - 17. A method according to claim 12, wherein said performing a set of installation steps includes steps for notifying an administrator to restart a destination server program or destination server computer.
  - 18. A method according to claim 12, further comprising the step of confirming the installation of a received certificate to a destination server following the performance of a set of installation steps.

19. A method for operating a centralized certificate installation system for automating the installation of digital certificates received from certificate authorities to a group of network servers, said method comprising the steps of:
- receiving a certificate signed by a certificate authority generated from a certificate signing request by way of said network interface, identifying a destination network server corresponding to a received certificate signed by a certificate authority, determining a network server type, said network server types providing at least the type of server software installed to the identified destination network server;
  
  performing a set of installation steps, the performed set of installation steps applicable to the determined network server type, the performance of the set of installation steps utilizing authentication objects applicable to the destination network server, the performance of the set of installation steps including the transferring of the received certificate to the destination network server by way of said network interface;
  
  the installation steps utilizing a protocol selected from the group of a shell interface, an agent interface and a network interface provided by a web interface of a web server;
  
  configuring an identified destination managed server to use a private key corresponding to an installed certificate; and
  
  performing a restart action selected from the group of commanding an identified destination managed server to perform a restart, commanding an identified destination managed server to restart and notifying an administrator to restart a destination server program or destination server computer; and
  
  confirming the installation of a received certificate to a destination server following the performance of a set of installation steps.

20. A method of automatically installing digital certificates received from certificate authorities to a group of network servers, comprising:
- providing a network computing device;
  
  maintaining a database of authentication objects, each authentication object including at least one authentication token needed to permit the execution of a set of certificate installation steps to the group of network servers;
  
  receiving a certificate signed by a certificate authority generated from a certificate signing request;
  
  identifying a destination network server corresponding to a received certificate signed by a certificate authority;
  
  determining a network server type, said network server types providing at least the type of server software installed to the identified destination network server;
  
  performing a set of installation steps, the performed set of installation steps applicable to the determined network server type;
  
  transferring the received certificate to the destination network server;
  
  following said performing and said transferring, confirming the installation of a received certificate to a destination server following the performance of the set of installation steps; and
  
  alerting an administrator if the confirmation of the installation of a received certificate to a destination server fails.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Imcentric Incorporated, Venafi,Inc.
Original Assignee
Imcentric Incorporated
Inventors
Thornton, Russell S., Seegmiller, Jayson, Hodson, Benjamin

Application Number

US10/917,965
Publication Number

US 20050078830A1
Time in Patent Office

Days
Field of Search
US Class Current

380/277
CPC Class Codes

H04L 2209/34   Encoding or coding, e.g. Hu...

H04L 2209/56   Financial cryptography, e.g...

H04L 2209/76   Proxy, i.e. using intermedi...

H04L 63/04   for providing a confidentia...

H04L 63/0823   using certificates cryptogr...

H04L 63/105   Multiple levels of security

H04L 63/20   for managing network securi...

H04L 9/3226   using a predetermined code,...

H04L 9/3263   involving certificates, e.g...

H04L 9/3271   using challenge-response

Method for automated installation of digital certificates to network servers

First Claim

5 Assignments

0 Petitions

Accused Products

Abstract

36 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

Method for automated installation of digital certificates to network servers

First Claim

5 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

36 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others