Methods and apparatus for use in obtaining a digital certificate for a mobile communication device
First Claim
1. A method performed by a host server, the method comprising:
pushing, from the host server to a mobile communication device, information for instructing the mobile communication device to obtain a digital certificate from a certificate authority;
receiving, from the mobile communication device over a secure connection, a single, signed certificate request message that contains a public key generated by the mobile communication device and certificate authority information identifying the certificate authority from which the host server is to request a certificate for the mobile communication device, the certificate request message having been signed with a private key generated by the mobile communication device, the public key and the private key forming a public-private key pair;
based on the certificate authority information received in the signed certificate request message, selecting from a plurality of possible protocols a particular protocol for communicating with the certificate authority;
on behalf of the mobile communication device, using the particular protocol to send to the certificate authority a request comprising the signed certificate request message that was received from the mobile communication device;
on behalf of the mobile communication device, polling the certificate authority for an indication of approval of the signed certificate request message;
responsive to approval of the single, signed certificate request message, obtaining a digital certificate signed by the certificate authority, the digital certificate containing the public key; and
pushing the digital certificate to the mobile communication device.
Abstract
In one illustrative scenario, a mobile device receives configuration information which includes information for use in constructing a request message for obtaining a digital certificate from a certificate authority (CA). After receipt of the configuration information, the mobile device constructs the request message for the digital certificate and causes it to be sent to a host server of a communication network. In response, the host server requests and obtains the digital certificate from the CA on behalf of the mobile device, and thereafter “pushes” the received digital certificate to the mobile device. The mobile device receives the digital certificate and stores it for use in subsequent communications. The host server may be part of a local area network (LAN) which includes a wireless LAN (WLAN) adapted to authenticate the mobile device based on the digital certificate, so that the mobile device may obtain access to the WLAN.
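The host-server intake step described above, sketched as an added example (not code from the patent or its assignee): the device generates its key pair and signs a PKCS#10 request, and the server checks that signature before selecting a protocol for the named CA. The CA identifiers, the protocol table and carrying the CA identifier in the subject OU field are assumptions of this example.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
)

var caProtocols = map[string]string{"corp-ca": "SCEP", "lab-ca": "CMP"} // hypothetical table

// DeviceRequest plays the mobile device: it generates the key pair and returns a
// DER-encoded PKCS#10 request signed with the new private key. Assumption of this
// example: the CA identifier rides in the subject OU, so the signature covers it.
func DeviceRequest(cn, caID string) ([]byte, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	subj := pkix.Name{CommonName: cn, OrganizationalUnit: []string{caID}}
	return x509.CreateCertificateRequest(rand.Reader, &x509.CertificateRequest{Subject: subj}, key)
}

// HostAccept plays the host server: it verifies the request's self-signature (proof
// that the sender holds the private key), then picks the protocol for the named CA.
func HostAccept(csrDER []byte) (cn, proto string, err error) {
	csr, err := x509.ParseCertificateRequest(csrDER)
	if err != nil {
		return "", "", err
	}
	if err := csr.CheckSignature(); err != nil {
		return "", "", fmt.Errorf("request signature invalid: %w", err)
	}
	if len(csr.Subject.OrganizationalUnit) != 1 {
		return "", "", fmt.Errorf("request must name exactly one CA")
	}
	proto, ok := caProtocols[csr.Subject.OrganizationalUnit[0]]
	if !ok {
		return "", "", fmt.Errorf("unknown certificate authority")
	}
	return csr.Subject.CommonName, proto, nil
}

func main() {
	der, _ := DeviceRequest("device-001", "corp-ca")
	fmt.Println(HostAccept(der))
}
```

Because the CA identifier sits inside the signed request, a party that alters it in transit invalidates the signature and the server rejects the request before contacting any CA.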
14 Claims
8. A host server comprising a computer processor and a non-transitory computer-readable storage device with computer-executable instructions stored thereon that, when executed by the computer processor, cause the host server to perform operations comprising:
push, from the host server to a mobile communication device, information for instructing the mobile communication device to obtain a digital certificate from a certificate authority;
receive, from the mobile communication device over a secure connection, a single, signed certificate request message that contains a public key generated by the mobile communication device and certificate authority information identifying the certificate authority from which the host server is to request a certificate for the mobile communication device, the certificate request message having been signed with a private key generated by the mobile communication device, the public key and the private key forming a public-private key pair;
based on the certificate authority information received in the signed certificate request message, select from a plurality of possible protocols a particular protocol for communicating with the certificate authority;
on behalf of the mobile communication device, use the particular protocol to send to the certificate authority a request comprising the signed certificate request message that was received from the mobile communication device;
on behalf of the mobile communication device, poll the certificate authority for an indication of approval of the signed certificate request message;
responsive to approval of the single, signed certificate request message, obtain a digital certificate signed by the certificate authority, the digital certificate containing the public key; and
push the digital certificate to the mobile communication device.