SYSTEMS AND METHODS FOR SPLIT PROXYING OF SSL VIA WAN APPLIANCES
First Claim
1. A method for split proxying Secure Socket Layer (SSL) communications across intermediaries deployed between a client and a server, the method comprising:
a) establishing, by a first intermediary in communication with a server, a first Secure Socket Layer (SSL) session with a server;
b) establishing, by a second intermediary in communication with one or more client, a second Secure Socket Layer (SSL) session with a client using SSL configuration information received from the first intermediary, the second intermediary and the first intermediary communicating via a third SSL session;
c) decrypting, by the first intermediary, encrypted data received from the server using a first session key of the first SSL session;
d) transmitting, by the first intermediary to the second intermediary via the third SSL session, the data encrypted using a third session key of the third SSL session;
e) decrypting, by the second intermediary, the data encrypted via the third SSL session using the third session key; and
f) transmitting, by the second intermediary to the client, the data encrypted using a second session key of the second SSL session.
Abstract
The present invention is directed towards systems and methods for split proxying Secure Socket Layer (SSL) communications via intermediaries deployed between a client and a server. The method includes establishing, by a server-side intermediary, a SSL session with a server. A client-side intermediary may establish a second SSL session with a client using SSL configuration information received from the server-side intermediary. Both intermediaries may communicate via a third SSL session. The server-side intermediary may decrypt data received from the server using the first SSL session's session key. The server-side intermediary may transmit to the client-side intermediary, via the third SSL session, data encrypted using the third SSL session's session key. The client-side intermediary may decrypt the encrypted data using the third SSL session's session key. The client-side intermediary may transmit to the client the data encrypted using the second SSL session's session key.
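The data path described in the abstract, modelled as an added example (not code from the patent or any product): `seal`/`unseal` are a toy standard-library stand-in for SSL record protection, and every function name, key label and the sample payload are assumptions made for illustration. It shows that each leg authenticates only under its own session key, while the cleartext is present at both intermediaries.

```python
import hashlib, hmac, os

# Toy record protection (HMAC-SHA256 keystream + tag); a stand-in for SSL record
# encryption so the example runs on the standard library alone. Not real SSL/TLS.
def _stream(key, nonce, n):
    blocks = (hmac.new(key, b"ks" + nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]

def seal(key, plaintext):
    nonce = os.urandom(12)
    ct = bytes(p ^ s for p, s in zip(plaintext, _stream(key, nonce, len(plaintext))))
    return nonce + ct + hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()

def unseal(key, record):
    nonce, ct, tag = record[:12], record[12:-32], record[-32:]
    good = hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, good):
        raise ValueError("record does not authenticate under this session key")
    return bytes(c ^ s for c, s in zip(ct, _stream(key, nonce, len(ct))))

def opens(key, record):
    """True if `key` is the session key that protects `record`."""
    try:
        unseal(key, record)
        return True
    except ValueError:
        return False

def split_proxy_path(payload):
    """Carry one server response through steps c) to f) of the method."""
    keys = {"first": os.urandom(32), "second": os.urandom(32), "third": os.urandom(32)}
    wire, seen = {}, {}
    wire["server->first"] = seal(keys["first"], payload)            # first SSL session
    seen["first intermediary"] = unseal(keys["first"], wire["server->first"])      # c)
    wire["first->second"] = seal(keys["third"], seen["first intermediary"])        # d)
    seen["second intermediary"] = unseal(keys["third"], wire["first->second"])     # e)
    wire["second->client"] = seal(keys["second"], seen["second intermediary"])     # f)
    seen["client"] = unseal(keys["second"], wire["second->client"])
    return keys, wire, seen

if __name__ == "__main__":
    keys, wire, seen = split_proxy_path(b"HTTP/1.1 200 OK\r\n\r\nconstructed sample body")
    for hop, data in seen.items():
        print(f"cleartext at {hop}: {data!r}")
    for leg, rec in wire.items():
        print(leg, {name: opens(k, rec) for name, k in keys.items()})
```

For a threat model, the consequence is that both appliances sit inside the trust boundary of the client-to-server connection, since each one handles the decrypted data.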
20 Claims
Claim 1 (independent) is recited in full under "First Claim" above. Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10
11. A system for split proxying Secure Socket Layer (SSL) communications across intermediaries deployed between a client and a server, comprising:
means for establishing, by a first intermediary in communication with a server, a first Secure Socket Layer (SSL) session with a server;
means for establishing, by a second intermediary in communication with one or more client, a second Secure Socket Layer (SSL) session with a client using SSL configuration information received from the first intermediary, the second intermediary and the first intermediary communicating via a third SSL session;
means for decrypting, by the first intermediary, encrypted data received from the server using a first session key of the first SSL session;
means for transmitting, by the first intermediary to the second intermediary via the third SSL session, the data encrypted using a third session key of the third SSL session;
means for decrypting, by the second intermediary, the data encrypted via the third SSL session using the third session key; and
means for transmitting, by the second intermediary to the client, the data encrypted using a second session key of the second SSL session.
Dependent claims: 12, 13, 14, 15, 16, 17, 18, 19, 20
Specification