CERTIFICATE DISTRIBUTION USING SECURE HANDSHAKE
Abstract
A method, system, and computer usable program product for certificate distribution using a secure handshake are provided in the illustrative embodiments. A client sends an indication in a request, the request being a part of a secure data communication with a server. The indication indicates an ability of the client to accept a certificate as a part of a response from the server. The server retrieves a new certificate. The server sends, as a result of the indication, a new certificate in the response corresponding to the request. The client receives, as a result of the indication, the new certificate in a response that corresponds to the request. The client separates the new certificate from the response and uses the new certificate in the secure data communication with the server. The server uses the new certificate in the secure data communication with the client.
20 Claims
1. A computer implemented method for certificate distribution, the computer implemented method comprising:
sending an indication in a request, the request being a part of a secure data communication with a directory, the indication indicating an ability to accept a certificate as a part of a response;
receiving, responsive to the indication, a new certificate in the response corresponding to the request;
separating the new certificate from the response; and
using the new certificate in the secure data communication.
Dependent claims: 2, 3, 4, 5, 6, 7, 8

9. A computer implemented method for certificate distribution, the computer implemented method comprising:
receiving, at a directory, an indication in a request, the request being a part of a secure data communication, the indication indicating an ability to accept a certificate as a part of a response;
retrieving a new certificate;
sending, responsive to the indication, the new certificate in the response corresponding to the request; and
using the new certificate in the secure data communication.
Dependent claims: 10, 11, 12, 13

14. A computer usable program product comprising a computer usable medium including computer usable code for certificate distribution, the computer usable code comprising:
computer usable code for sending an indication in a request, the request being a part of a secure handshake in a secure data communication, the indication indicating an ability to accept a certificate as a part of a response;
computer usable code for receiving, responsive to the indication, a new certificate in the response corresponding to the request;
computer usable code for separating the new certificate from the response; and
computer usable code for using the new certificate in the secure data communication.
Dependent claims: 15, 16, 17, 18

19. A data processing system for certificate distribution, the data processing system comprising:
a storage device, wherein the storage device stores computer usable program code; and
a processor, wherein the processor executes the computer usable program code, and wherein the computer usable program code comprises:
computer usable code for sending an indication in a request, the request being a part of a secure handshake in a secure data communication, the indication indicating an ability to accept a certificate as a part of a response;
computer usable code for receiving, responsive to the indication, a new certificate in the response corresponding to the request;
computer usable code for separating the new certificate from the response; and
computer usable code for using the new certificate in the secure data communication.

20. The data processing system of claim 20,
wherein the indication is one of (i) a parameter in the request, (ii) a control in an LDAP request, and (iii) a control in a bind operation,
wherein the computer usable code for sending the indication in the request is one of (i) computer usable code for sending a command to execute an operation, the operation resulting in the response, and (ii) computer usable code for sending a command to execute an extended operation in a directory, the extended operation resulting in the response, and
wherein the computer usable code for sending the indication in the request is responsive to executing computer usable code for determining that an old certificate is one of (i) expired, (ii) expiring within a predetermined period, (iii) revoked, and (iv) flagged for revocation.
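The exchange described in the abstract, combined with the renewal triggers listed in claim 20, modelled as an added sketch that is not code from the patent: the client decides its old certificate needs replacing, sets an indication on a bind request, and the directory attaches a new certificate that the client separates from the response. The message layout, the indication name `accept-new-cert`, the 30-day window, the unsolicited-certificate check and all function names are assumptions; certificates are stand-in dictionaries, not X.509.

```python
from datetime import datetime, timedelta, timezone

ACCEPT_CERT = "accept-new-cert"    # hypothetical indication name (assumption)
RENEW_WINDOW = timedelta(days=30)  # assumed "predetermined period"

def renewal_reason(cert, now, revoked=(), flagged=()):
    """Why the old certificate should be replaced, or None if it is still good."""
    if cert["not_after"] <= now:
        return "expired"
    if cert["not_after"] - now <= RENEW_WINDOW:
        return "expiring"
    if cert["serial"] in revoked:
        return "revoked"
    if cert["serial"] in flagged:
        return "flagged for revocation"
    return None

def build_request(op, cert, now, **status):
    """Client: add the indication only when one of the triggers applies."""
    req = {"op": op, "controls": []}
    if renewal_reason(cert, now, **status):
        req["controls"].append(ACCEPT_CERT)
    return req

def directory_respond(req, retrieve_cert):
    """Directory: attach a new certificate only in response to the indication."""
    resp = {"op": req["op"], "result": "success"}
    if ACCEPT_CERT in req["controls"]:
        resp["new_cert"] = retrieve_cert()
    return resp

def separate_cert(req, resp):
    """Client: split the response into its normal result and the certificate."""
    body = {k: v for k, v in resp.items() if k != "new_cert"}
    new_cert = resp.get("new_cert")
    # Added check (not from the page): refuse a certificate that was not asked for.
    if new_cert is not None and ACCEPT_CERT not in req["controls"]:
        raise ValueError("unsolicited certificate in response")
    return body, new_cert

def run_exchange(cert, now, retrieve_cert, **status):
    req = build_request("bind", cert, now, **status)
    body, new_cert = separate_cert(req, directory_respond(req, retrieve_cert))
    return body, new_cert or cert  # no indication sent: old certificate stays in use

# Constructed sample data: stand-in dictionaries, not real X.509 certificates.
NOW = datetime(2024, 1, 1, tzinfo=timezone.utc)
OLD = {"serial": 1001, "not_after": NOW + timedelta(days=10)}
FRESH = {"serial": 1002, "not_after": NOW + timedelta(days=365)}
```

A real client would also validate the received certificate against its trust anchors before switching to it; the sketch only shows the request, response and separation steps.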
Specification