ASSISTED CERTIFICATE ENROLLMENT
First Claim
Patent Images
1. A method of assisting a computing device to request a certificate, said method comprising:
- receiving, from a computing device, a certificate signing request;
amending said certificate signing request to include a challenge password to produce a password-carrying certificate signing request;
determining a hash of said password-carrying certificate signing request;
transmitting said hash to said computing device;
receiving, from said computing device, said certificate signing request and a signature;
amending said certificate signing request to include a challenge password to produce a signed, password-carrying certificate signing request;
encrypting said signed, password-carrying certificate signing request to produce an encrypted signed, password-carrying certificate signing request; and
transmitting, to said computing device, said encrypted, signed, password-carrying certificate signing request.
4 Assignments
0 Petitions
Accused Products
Abstract
A certificate enrolment assistant module may be provided to inject a challenge password into a certificate signing request to be sent, to a Certificate Authority, from a computing device. The certificate enrolment assistant module, thereby, acts as a trusted proxy to assist the computing device in building a valid certificate signing request without the computing device having access to the challenge password.
18 Citations
8 Claims
-
1. A method of assisting a computing device to request a certificate, said method comprising:
-
receiving, from a computing device, a certificate signing request; amending said certificate signing request to include a challenge password to produce a password-carrying certificate signing request; determining a hash of said password-carrying certificate signing request; transmitting said hash to said computing device; receiving, from said computing device, said certificate signing request and a signature; amending said certificate signing request to include a challenge password to produce a signed, password-carrying certificate signing request; encrypting said signed, password-carrying certificate signing request to produce an encrypted signed, password-carrying certificate signing request; and transmitting, to said computing device, said encrypted, signed, password-carrying certificate signing request. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A certificate enrolment assistant module comprising:
-
a communication subsystem operable to; receive, from a computing device, a certificate signing request; transmit a hash to said computing device; receive, from said computing device, said certificate signing request and a signature; transmit, to said computing device, an encrypted, signed, password-carrying certificate signing request. a processor adapted to; amend said certificate signing request to include a challenge password to produce a password-carrying certificate signing request; determine said hash of said password-carrying certificate signing request; amend said certificate signing request to include a challenge password to produce a signed, password-carrying certificate signing request; encrypt said signed, password-carrying certificate signing request to produce said encrypted signed, password-carrying certificate signing request. - View Dependent Claims (7)
-
-
8. A computer-readable medium containing computer-executable instructions that, when performed by a processor in a computing device, cause said processor to:
-
receive, from a computing device, a certificate signing request; amend said certificate signing request to include a challenge password to produce a password-carrying certificate signing request; determine a hash of said password-carrying certificate signing request; transmit said hash to said computing device; receive, from said computing device, said certificate signing request and a signature; amend said certificate signing request to include a challenge password to produce a signed, password-carrying certificate signing request; encrypt said signed, password-carrying certificate signing request to produce an encrypted signed, password-carrying certificate signing request; and transmit, to said computing device, said encrypted, signed, password-carrying certificate signing request.
-
Specification