MANAGING SECURITY CERTIFICATES OF STORAGE DEVICES
Abstract
A method and data processing system for managing security certificates in a data processing environment is disclosed. A computer identifies a security certificate associated with a management interface of a device in the data processing environment. The computer determines whether the security certificate was issued by a certificate authority that is trusted. In response to determining that the security certificate was not issued by the certificate authority, the computer identifies the security certificate as invalid. Subsequent to identifying the security certificate as invalid, the computer determines if a service exists in the data processing environment that includes a feature for sending information about critical events associated with the data processing environment. Responsive to determining that the service with the feature exists in the data processing environment, the computer generates a certificate-signing request for the management interface of the device and sends the certificate-signing request via the feature in the service.
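The workflow in the abstract, sketched with the OpenSSL command line as an added example; it is not code from the patent. The call-home service is modelled as a writable spool directory, and every function name, file name and subject name is a constructed assumption.

```shell
#!/usr/bin/env bash
# Added illustration. All names are constructed: the critical-event ("call-home")
# service is modelled as a writable spool directory; certificates are throwaway data.

# make_selfsigned CN KEYFILE CERTFILE: create a self-signed certificate.
make_selfsigned() {
  openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=$1" \
    -keyout "$2" -out "$3" 2>/dev/null
}

# check_and_request CERT KEY TRUST_BUNDLE SPOOL_DIR
# Prints one of: valid | csr_sent | no_callhome_service
check_and_request() {
  local cert=$1 key=$2 trust=$3 spool=$4
  # Was the management-interface certificate issued by a trusted CA?
  if openssl verify -CAfile "$trust" "$cert" >/dev/null 2>&1; then
    echo valid; return 0
  fi
  # The certificate is invalid. Continue only if a service with a
  # critical-event feature exists (here: the spool directory is writable).
  if [ ! -d "$spool" ] || [ ! -w "$spool" ]; then
    echo no_callhome_service; return 0
  fi
  # Assumption: the CSR reuses the certificate's subject and key pair. The
  # private key signs the request locally and is not copied to the spool.
  local csr
  csr="$spool/$(basename "$cert" .pem).csr"
  openssl x509 -x509toreq -in "$cert" -signkey "$key" -out "$csr" 2>/dev/null || return 1
  echo csr_sent
}

# Constructed scenario: a storage controller with a factory self-signed certificate.
demo() {
  local d; d=$(mktemp -d)
  make_selfsigned "Example Trusted CA" "$d/ca.key" "$d/ca.pem"
  make_selfsigned "mgmt.storage01.example" "$d/dev.key" "$d/dev.pem"
  mkdir "$d/callhome"
  check_and_request "$d/dev.pem" "$d/dev.key" "$d/ca.pem" "$d/callhome"
  openssl req -in "$d/callhome/dev.csr" -noout -subject
  rm -rf "$d"
}

[ "${1:-}" = demo ] && demo
```

Running the script with the argument `demo` walks the invalid-certificate path and prints the subject carried in the queued request.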
20 Claims
1. A method for managing security certificates in a data processing environment, the method comprising:
identifying, by a computer, a security certificate associated with a management interface of a device in the data processing environment;
determining, by the computer, whether the security certificate was issued by a certificate authority that is trusted;
responsive to determining that the security certificate was not issued by the certificate authority that is trusted, identifying, by the computer, the security certificate as invalid;
subsequent to identifying the security certificate as invalid based on the determination that the security certificate was not issued by the certificate authority that is trusted, determining, by the computer, if a service exists in the data processing environment that includes a feature for sending information about critical events associated with the data processing environment; and
responsive to determining that the service with the feature for sending information about critical events associated with the data processing environment exists in the data processing environment, generating, by the computer, a certificate-signing request for the management interface of the device and sending the certificate-signing request via the feature in the service.
15. A data processing system for managing security certificates in a data processing environment, the data processing system comprising:
a processor unit, a memory, and a computer readable storage device;
first program code to identify a security certificate associated with a management interface of a device in the data processing environment;
second program code to determine if the security certificate was issued by a certificate authority that is trusted;
third program code to identify the security certificate as invalid responsive to determining that the security certificate was not issued by the certificate authority that is trusted;
fourth program code to determine if a second service exists in the data processing environment that includes a feature for sending information about critical events associated with the data processing environment subsequent to the third program code identifying the security certificate as invalid based on the determination that the security certificate was not issued by the certificate authority that is trusted; and
fifth program code to generate a certificate-signing request for the management interface of the device and send the certificate-signing request via the feature in the second service responsive to a determination that the second service with the feature for sending information about critical events associated with the data processing environment exists in the data processing environment,
wherein the first program code, the second program code, the third program code, the fourth program code, and fifth program code are stored in the computer readable storage device for execution by the processor unit via the memory.
20. A computer program product for monitoring changes to a block of data, the computer program product comprising:
a computer readable storage device;
program code, stored on the computer readable storage device, for identifying a security certificate associated with a management interface of a device in the data processing environment;
program code, stored on the computer readable storage device, for determining if the security certificate was issued by a certificate authority that is trusted;
program code, stored on the computer readable storage device, responsive to determining that the security certificate was not issued by the certificate authority that is trusted, for identifying the security certificate as invalid;
program code, stored on the computer readable storage device, for determining if a second service exists in the data processing environment that includes a feature for sending information about critical events associated with the data processing environment subsequent to identifying the security certificate as invalid based on the determination that the security certificate was not issued by the certificate authority that is trusted; and
program code, stored on the computer readable storage device, responsive to a determination that the second service with the feature for sending information about critical events associated with the data processing environment exists in the data processing environment, for generating a certificate-signing request for the management interface of the device and sending the certificate-signing request via the feature in the second service.