Method of Aggregating Multiple Certificate Authority Services
Abstract
The disclosure relates to the management of PKI digital certificates, including certificate discovery, installation, verification and replacement for endpoints over an insecure network. A database of certificates may be maintained through discovery, replacement and other activities. Certificate discovery identifies certificates and associated information including network locations, methods of access, applications of use and non-use, and may produce logs and reports. Automated requests to certificate authorities for new certificates, renewals or certificate signing requests may precede the installation of issued certificates to servers using installation scripts directed to a particular application or product, which may provide notification or require approval or intervention. An administrator may be notified of expiring certificates, using a database or scanning or server agents. Detailed information on various example embodiments of the inventions is provided in the Detailed Description below, and the inventions are defined by the appended claims.
8 Claims
1. A method for providing a unified certificate request interface to a plurality of certificate authorities, said method comprising the steps of:
- presenting a uniform interface for receiving information pertaining to the submission of an individual certificate signing request to the plurality of certificate authorities, said interface providing a uniform set of entries for information items required in a certificate signing request generally;
- presenting a selectable object whereby a choice of one of the plurality of certificate authorities may be entered;
- receiving entry items through the uniform interface and a selection of a certificate authority;
- storing items of identification sufficient to identify a requesting entity to each of the plurality of certificate authorities; and
- communicating with a certificate authority interface of the selected certificate authority, the communicating presenting at least the received entry items required by the selected certificate authority, the communication in its totality presenting a certificate signing request to the selected certificate authority, the communication further presenting items of identification whereby a requesting entity may be associated to the certificate signing request.
Dependent claims: 2, 3, 4, 5
6. A method for providing a unified certificate request interface to a plurality of certificate authorities, said method comprising the steps of:
- providing for the setting of a default certificate authority of the plurality of certificate authorities;
- presenting a uniform interface for receiving information pertaining to the submission of an individual certificate signing request to the plurality of certificate authorities, said interface providing a uniform set of entries for information items required in a certificate signing request generally;
- presenting a selectable object whereby a choice of one of the plurality of certificate authorities may be entered, whereby the selectable object is presented with the default certificate authority selected;
- reading at least one of a set of certificate authority records, each of the certificate authority records containing at least one default setting usable in presenting a certificate signing request to one of the certificate authorities of the plurality of certificate authorities;
- receiving entry items through the uniform interface and a selection of a certificate authority;
- storing items of identification sufficient to identify a requesting entity to each of the plurality of certificate authorities; and
- communicating with a certificate authority interface of the selected certificate authority, the communicating presenting at least the received entry items required by the selected certificate authority, the communication in its totality presenting a certificate signing request to the selected certificate authority, the communication further presenting items of identification whereby a requesting entity may be associated to the certificate signing request.
Dependent claims: 7, 8
Specification