Automatically generating a certificate operation request
First Claim
Patent Images
1. A method comprising:
- establishing, by a processing device, a secure connection with a server device using an authentication protocol that uses symmetric-key cryptography;
generating, by a client agent executing by the processing device, a request to perform a certificate operation associated with a certificate; and
sending, by the client agent, the request over the secure connection to an identity management system executing by the server device, wherein the identity management system comprises a registration authority (RA), wherein the RA is a trusted manager of a certificate authority (CA) and uses the authentication of the secure connection between the server device and the client agent to send a proxy of the request to the CA without performing an additional authentication of the request, wherein the client agent is capable of generating and sending the certificate operation without user intervention at the processing device.
1 Assignment
0 Petitions
Accused Products
Abstract
A method and system for automatically generating a certificate operation request is described.
27 Citations
20 Claims
-
1. A method comprising:
-
establishing, by a processing device, a secure connection with a server device using an authentication protocol that uses symmetric-key cryptography; generating, by a client agent executing by the processing device, a request to perform a certificate operation associated with a certificate; and sending, by the client agent, the request over the secure connection to an identity management system executing by the server device, wherein the identity management system comprises a registration authority (RA), wherein the RA is a trusted manager of a certificate authority (CA) and uses the authentication of the secure connection between the server device and the client agent to send a proxy of the request to the CA without performing an additional authentication of the request, wherein the client agent is capable of generating and sending the certificate operation without user intervention at the processing device. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A computing system, comprising
a processing device to execute a client agent, comprising: -
a Kerberos client to establish a secure connection with a server device using an authentication protocol that uses symmetric-key cryptography; and a certificate utility to generate a request to perform a certificate operation associated with a certificate and to send the request over the secure connection to an identity management system of the server device, wherein the client agent is capable of generating and sending the certificate operation without user intervention at the processing device, wherein the identity management system comprises a registration authority (RA), wherein the RA is a trusted manager of a certificate authority (CA) and uses the authentication of the secure connection between the server device and the client agent to send a proxy of the request to the CA without performing an additional authentication of the request. - View Dependent Claims (11, 12, 13, 14, 15)
-
-
16. A non-transitory computer-readable storage medium having instructions, which when executed, cause a processing device to perform operations comprising:
-
establishing, by the processing device, a secure connection with a server device using an authentication protocol that uses symmetric-key cryptography; generating, by a client agent of the processing device, a request to perform a certificate operation associated with a certificate; and sending, by the client agent, the request over the secure connection to an identity management system of the server device, wherein the client agent is capable of generating and sending the certificate operation without user intervention at the processing device, wherein the identity management system comprises a registration authority (RA), wherein the RA is a trusted manager of a certificate authority (CA) and uses the authentication of the secure connection between the server device and the client agent to send a proxy of the request to the CA without performing an additional authentication of the request. - View Dependent Claims (17, 18, 19, 20)
-
Specification