Program product for unified certificate requests from certificate authorities

US 20050081025A1
Filed: 08/13/2004
Published: 04/14/2005
Est. Priority Date: 08/15/2003
Status: Active Grant

First Claim

Patent Images

1. A set of computer readable media containing computer instructions for operating a certificate proxy system for providing a unified certificate request interface to a plurality of certificate authorities, the proxy system including network facilities for electronic communication over a network and further including a storage device group containing at least one storage device operable to contain operating system files and applications, the set of computer readable media comprising at least one medium upon which is stored the computer instructions executable by a computing system to achieve the functions of:

presenting a uniform interface for receiving information pertaining to the submission of an individual certificate signing request to the plurality of certificate authorities, said interface providing a uniform set of entries for information items required in a certificate signing request generally;

presenting a selectable object whereby a choice of one of the plurality of certificate authorities may be entered;

receiving entry items through the uniform interface and a selection of a certificate authority;

storing items of identification sufficient to identify a requesting entity to each of the plurality of certificate authorities; and

communicating with a certificate authority interface of the selected certificate authority, the communicating presenting at least the received entry items required by the selected certificate authority, the communication it its totality presenting a certificate signing request to the selected certificate authority, the communication further presenting items of identification whereby a requesting entity may be associated to the certificate signing request.

View all claims

11 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Disclosed herein are several digital certificate discovery and management systems. Detailed information on various example embodiments of the inventions are provided in the Detailed Description below, and the inventions are defined by the appended claims.

55 Citations

View as Search Results

19 Claims

1. A set of computer readable media containing computer instructions for operating a certificate proxy system for providing a unified certificate request interface to a plurality of certificate authorities, the proxy system including network facilities for electronic communication over a network and further including a storage device group containing at least one storage device operable to contain operating system files and applications, the set of computer readable media comprising at least one medium upon which is stored the computer instructions executable by a computing system to achieve the functions of:
- presenting a uniform interface for receiving information pertaining to the submission of an individual certificate signing request to the plurality of certificate authorities, said interface providing a uniform set of entries for information items required in a certificate signing request generally;
  
  presenting a selectable object whereby a choice of one of the plurality of certificate authorities may be entered;
  
  receiving entry items through the uniform interface and a selection of a certificate authority;
  
  storing items of identification sufficient to identify a requesting entity to each of the plurality of certificate authorities; and
  
  communicating with a certificate authority interface of the selected certificate authority, the communicating presenting at least the received entry items required by the selected certificate authority, the communication it its totality presenting a certificate signing request to the selected certificate authority, the communication further presenting items of identification whereby a requesting entity may be associated to the certificate signing request.
- View Dependent Claims (2, 3, 4, 5)
- - 2. A set of computer readable media according to claim 1, wherein said instructions are further executable to achieve the functions of:
    - provide for the setting of a default certificate authority of the plurality of certificate authorities; and
      
      in presenting a selectable object, providing a selection of the default certificate authority setting.
  - 3. A set of computer readable media according to claim 1, whereby the set of computer readable media further comprises at least one medium upon which is stored a set of scripts whereby each of a plurality of certificate authorities may be communicated with to present a certificate signing request.
  - 4. A set of computer readable media according to claim 1, wherein said instructions are further executable to read a set of certificate authority records, each of the certificate authority records containing at least one default setting usable in presenting a certificate signing request to one of the certificate authorities of the plurality of certificate authorities.
  - 5. A set of computer readable media according to claim 1, wherein the uniform interface presented has an interaction substantially similar to the interaction of a true certificate authority.

6. A set of computer readable media containing computer instructions for operating a certificate proxy system for providing a unified certificate request interface to a plurality of certificate authorities, the proxy system including network facilities for electronic communication over a network and further including a storage device group containing at least one storage device operable to contain operating system files and applications, the set of computer readable media comprising at least one medium upon which is stored the computer instructions executable by a computing system to achieve the functions of:
- providing for the setting of a default certificate authority of the plurality of certificate authorities;
  
  presenting a uniform interface for receiving information pertaining to the submission of an individual certificate signing request to the plurality of certificate authorities, said interface providing a uniform set of entries for information items required in a certificate signing request generally;
  
  presenting a selectable object whereby a choice of one of the plurality of certificate authorities may be entered, whereby the selectable object is presented with the default certificate authority selected;
  
  reading at least one of a set of certificate authority records, each of the certificate authority records containing at least one default setting usable in presenting a certificate signing request to one of the certificate authorities of the plurality of certificate authorities;
  
  receiving entry items through the uniform interface and a selection of a certificate authority;
  
  storing items of identification sufficient to identify a requesting entity to each of the plurality of certificate authorities; and
  
  communicating with a certificate authority interface of the selected certificate authority, the communicating presenting at least the received entry items required by the selected certificate authority, the communication it its totality presenting a certificate signing request to the selected certificate authority, the communication further presenting items of identification whereby a requesting entity may be associated to the certificate signing request.
- View Dependent Claims (7, 8)
- - 7. A set of computer readable media according to claim 6, whereby the set of computer readable media further comprises at least one medium upon which is stored a set of scripts whereby each of a plurality of certificate authorities may be communicated with to present a certificate signing request.
  - 8. A set of computer readable media according to claim 6, wherein the uniform interface presented has an interaction substantially similar to the interaction of a true certificate authority.

9. A set of computer readable media containing computer instructions for operating a certificate proxy and installation system for providing a unified certificate request interface to a plurality of certificate authorities and for installing certificates to destination servers, the proxy and installation system including network facilities for electronic communication over a network and further including a storage device group containing at least one storage device operable to contain operating system files and applications, the set of computer readable media comprising at least one medium upon which is stored the computer instructions executable by a computing system to achieve the functions of:
- presenting a uniform interface for receiving information pertaining to the submission of an individual certificate signing request to the plurality of certificate authorities, said interface providing a uniform set of entries for information items required in a certificate signing request generally;
  
  presenting a selectable object whereby a choice of one of the plurality of certificate authorities may be entered;
  
  receiving entry items through the uniform interface and a selection of a certificate authority;
  
  storing items of identification sufficient to identify a requesting entity to each of the plurality of certificate authorities;
  
  communicating with a certificate authority interface of the selected certificate authority, the communicating presenting at least the received entry items required by the selected certificate authority, the communication it its totality presenting a certificate signing request to the selected certificate authority, the communication further presenting items of identification whereby a requesting entity may be associated to the certificate signing request;
  
  receiving a certificate signed by a certificate authority generated from a certificate signing request by way of said network interface;
  
  identifying a destination network server corresponding to a received certificate signed by a certificate authority;
  
  determining a network server type, said network server types providing at least the type of server software installed to the identified destination network server; and
  
  performing a set of installation steps, the performed set of installation steps applicable to the determined network server type, the performance of the set of installation steps including the transferring of the received certificate to the destination network server by way of said network interface.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16, 17, 18, 19)
- - 10. A set of computer readable media according to claim 9, wherein said instructions are further executable to achieve the functions of:
    - operating an SMTP service;
      
      receiving an e-mail message by the SMTP service, the e-mail message containing a certificate signed by a certificate authority;
      
      parsing an e-mail message containing a certificate signed by a certificate authority to extract that certificate for installation.
  - 11. A set of computer readable media according to claim 9, wherein said instructions are further executable to achieve the functions of:
    - upon receiving a certificate signed by a certificate authority, and optionally after identifying a destination network server, notifying a person that the received certificate is ready to be installed; and
      
      prior to performing the set of installation steps, receiving an approval indication from a person indicating that a certificate is to be installed.
  - 12. A set of computer readable media according to claim 9, wherein said performing a set of installation steps includes steps for automated controlling of a network interface provided by a web server.
  - 13. A set of computer readable media according to claim 9, wherein said performing a set of installation steps includes steps for automated controlling of a shell interface.
  - 14. A set of computer readable media according to claim 9, wherein said performing a set of installation steps includes steps for transmission and installation of a certificate through a server agent program.
  - 15. A set of computer readable media according to claim 9, wherein said performing a set of installation steps includes steps for restarting a destination server program.
  - 16. A set of computer readable media according to claim 9, wherein said performing a set of installation steps includes steps for restarting a destination server computer.
  - 17. A set of computer readable media according to claim 9, wherein said performing a set of installation steps includes steps for notifying an administrator to restart a destination server program or destination server computer.
  - 18. A set of computer readable media according to claim 9, wherein said instructions are further executable to confirm the installation of a received certificate to a destination server following the performance of a set of installation steps.
  - 19. A set of computer readable media according to claim 18, wherein said instructions are further executable to generate an alert to an administrator if the installation of a received certificate to a destination server is not confirmed.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Venafi,Inc.
Original Assignee
Imcentric Incorporated
Inventors
Thornton, Russell S., Seegmiller, Jayson, Hodson, Benjamin

Granted Patent

US 7,698,549 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/155
CPC Class Codes

H04L 2209/34   Encoding or coding, e.g. Hu...

H04L 2209/56   Financial cryptography, e.g...

H04L 2209/76   Proxy, i.e. using intermedi...

H04L 63/04   for providing a confidentia...

H04L 63/0823   using certificates cryptogr...

H04L 63/105   Multiple levels of security

H04L 63/20   for managing network securi...

H04L 9/3226   using a predetermined code,...

H04L 9/3263   involving certificates, e.g...

H04L 9/3271   using challenge-response

Program product for unified certificate requests from certificate authorities

First Claim

11 Assignments

0 Petitions

Accused Products

Abstract

55 Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

Program product for unified certificate requests from certificate authorities

First Claim

11 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

55 Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links