Certificate remoting and recovery
Abstract
Certificate remoting and recovery may be provided. A computer may identify required security certificates and determine whether at least one required security certificate is not available. If the certificate is not available, the computer may identify a peer server and request the missing certificate from the peer server. The computer may also be operative to receive certificate management instructions from other computers.
20 Claims
1. A method for providing automated certificate management, the method comprising:
- identifying a plurality of security certificates used by a first server;
- determining whether at least one first certificate of the plurality of security certificates is one of: inactive and not available;
- in response to determining that the at least one first certificate of the plurality of security certificates is not available:
  - identifying at least one peer server, and
  - requesting the at least one first certificate of the plurality of security certificates from the at least one peer server; and
- in response to determining that the at least one first certificate of the plurality of security certificates is inactive:
  - determining whether the at least one peer server comprises the inactive at least one first certificate, and
  - remotely instructing the at least one peer server to remove the inactive at least one first certificate by sending a remove action request in response to a determination that the at least one peer server comprises the inactive at least one first certificate.

13. A system for providing remote certificate management, the system comprising:
- a memory storage; and
- a processing unit coupled to the memory storage, wherein the processing unit is operative to:
  - receive a request to perform an action associated with a security certificate from at least one remote computing system,
  - determine whether the security certificate associated with the requested action is stored in the memory storage,
  - in response to determining that the security certificate associated with the requested action is stored in the memory storage, perform the requested action on the security certificate, the requested action comprising a request to remotely remove the security certificate by sending a remove action request when it is determined that the security certificate is inactive.

20. A memory storage which stores a set of instructions which when executed by a computing device will cause the computing device to perform a method for providing certificate management and recovery, the method comprising:
- creating a list of a plurality of active security certificates, wherein the list of active security certificates is created according to at least one certificate thumbprint associated with at least one automated process;
- determining whether at least one of the plurality of active security certificates is not stored on the memory storage of the computing device executing the set of instructions;
- in response to determining that the at least one of the plurality of active security certificates is not stored on the memory storage:
  - identifying at least one peer server, wherein the peer server comprises a second computing device in geographic proximity to the computing device executing the set of instructions,
  - determining whether the at least one peer server comprises the at least one of the plurality of active security certificates not stored on the memory storage,
  - in response to determining that the at least one peer server comprises the at least one of the plurality of active security certificates not stored on the memory storage:
    - retrieving a copy of the at least one of the plurality of active security certificates not stored on the memory storage from the peer server, and
    - storing the retrieved copy of the at least one of the plurality of active security certificates on the memory storage,
  - in response to determining that the at least one peer server does not comprise the at least one of the plurality of active security certificates not stored on the memory storage:
    - identifying at least one neighboring server, wherein the neighboring server comprises a third computing device located in a different geographic location from the computing device executing the set of instructions,
    - determining whether the at least one neighboring server comprises the at least one of the plurality of active security certificates not stored on the memory storage, and
    - in response to determining that the at least one neighboring server comprises the at least one of the plurality of active security certificates not stored on the memory storage:
      - retrieving a copy of the at least one of the plurality of active security certificates not stored on the memory storage from the neighboring server, and
      - storing the retrieved copy of the at least one of the plurality of active security certificates on the memory storage,
- receiving a first request to query as to whether at least one security certificate stored on the memory storage is not in the list of the plurality of active security certificates;
- determining that the at least one security certificate stored on the memory storage is not in the list of the plurality of active security certificates; and
- receiving a second request to remove the at least one security certificate; and
- remotely removing the at least one security certificate stored on the memory storage that is not in the list of the plurality of active security certificates by sending a remove action request.
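
The recovery and removal flow recited in claim 20, sketched as an added Python example; it is not code from the patent. The `Server` class, the SHA-256 thumbprint, and the check that retrieved bytes hash to the requested thumbprint are assumptions of this sketch and are not recited in the claims.

```python
import hashlib

def thumbprint(der):
    # Assumption: a thumbprint is the SHA-256 digest of the certificate bytes.
    return hashlib.sha256(der).hexdigest()

class Server:
    """Hypothetical in-memory stand-in for one server's certificate store."""
    def __init__(self, name, certs=()):
        self.name, self.store = name, {thumbprint(c): c for c in certs}

    def handle_remove(self, tp, active):
        # Remove action request: act only if the cert is stored and not active.
        return tp not in active and self.store.pop(tp, None) is not None

def recover_missing(local, active, peers, neighbors):
    """Fill gaps in local.store from nearby peers first, then remote neighbors."""
    report = {}
    for tp in sorted(set(active) - set(local.store)):
        report[tp] = None  # stays None if no source holds a matching copy
        for source in [*peers, *neighbors]:
            der = source.store.get(tp)
            # Added check (not in the claims): accept only bytes that hash to tp.
            if der is not None and thumbprint(der) == tp:
                local.store[tp], report[tp] = der, source.name
                break
    return report

def purge_inactive(active, targets):
    """Send a remove action request for every stored cert not in the active list."""
    removed = []
    for t in targets:
        for tp in [tp for tp in t.store if tp not in active]:
            if t.handle_remove(tp, active):
                removed.append((t.name, tp))
    return removed

# Constructed sample data: byte strings standing in for DER certificates.
A, B, OLD = b"cert-A", b"cert-B", b"cert-OLD"
ACTIVE = {thumbprint(A), thumbprint(B)}

def demo():
    local, peer = Server("local", [A, OLD]), Server("peer", [A])
    peer.store[thumbprint(B)] = b"tampered"  # peer holds wrong bytes under B's thumbprint
    neighbor = Server("neighbor", [B, OLD])
    report = recover_missing(local, ACTIVE, [peer], [neighbor])
    return local, report, purge_inactive(ACTIVE, [local, neighbor])
```

In `demo()`, the peer's copy of certificate B fails the thumbprint check, so recovery falls through to the neighboring server, and the stale certificate is then removed from both the local and neighboring stores.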
Specification