×

Identity management certificate operations

  • US 9,225,525 B2
  • Filed: 02/26/2010
  • Issued: 12/29/2015
  • Est. Priority Date: 02/26/2010
  • Status: Active Grant
First Claim
Patent Images

1. A method comprising:

  • establishing a secure connection between a client computing system and an identity management system for the client computing system using a Kerberos authentication protocol that uses symmetric-key cryptography;

    receiving, by a processing device in the identity management system, a request from the client computing system over the secure connection to perform a certificate operation associated with a certificate, wherein the certificate operation comprises at least one of requesting issuance of the certificate, renewing the certificate, checking a request status of the certificate, retrieving the certificate from a certificate authority (CA) system, putting the certificate on hold, removing the certificate from being on hold, or revoking the certificate;

    determining to approve the request from the client computing system;

    sending, by a registration authority (RA) at the identity management system, a proxy of the request to the CA system to perform the certificate operation in response to determining to approve the request, wherein the RA is a trusted manager of the CA system and uses the authentication of the secure connection between the identity management system and the client computing system to send the proxy of the request to the CA system which performs the certificate operation without authenticating the request; and

    receiving, by the RA, a reply from the CA system in response to sending the proxy of the request to perform the certificate operation to the CA system and sending the reply to the client computing system without user intervention at the client computing system.

View all claims
  • 1 Assignment
Timeline View
Assignment View
    ×
    ×