Method and device for loading digital certificate in SSL/TLS communication

A digital certificate and key exchange technology applied in the field of communication. It addresses problems such as poor website compatibility, negotiation failure, and clients being unable to access websites through HTTPS, with the effects of improving compatibility, improving security, and improving dynamic loading efficiency.

Active Publication Date: 2017-03-22
ALIBABA GRP HLDG LTD

AI Technical Summary

Problems solved by technology

[0007] If some old version of the client cannot support the newer algorithm in the certificate, the negotiation will fail, resulting in



Examples


Embodiment Construction

[0063] In order to make the above objects, features and advantages of the present application more obvious and comprehensible, the present application will be further described in detail below in conjunction with the accompanying drawings and specific implementation methods.

[0064] SSL/TLS is a secure network transmission protocol whose main purpose is to protect confidential information transmitted over the Internet. The protocol includes two processes: the handshake phase and the data transmission phase.

[0065] In the data transmission phase, the negotiated symmetric key is used to encrypt and decrypt the transmitted data, and the digest key is used for the digest operation, ensuring the privacy and integrity of the data.

[0066] The main purpose of the handshake phase is to confirm the authenticity and validity of the identity of the other party and generate the secret key required for the data transmission phase.

[0067] The SSL handshake process is as follows:

[0068] a. Client item The...


Abstract

The invention provides a method and device for loading a digital certificate in SSL/TLS communication. The method comprises the steps that a handshake request message sent by a client based on a secure socket layer protocol SSL or a transport layer security protocol TLS is received; a key exchange mode and a first signature mode supported by the client are verified according to the handshake request message; whether the key exchange mode and the first signature mode match the currently loaded digital certificate is determined; if not, another digital certificate matching the key exchange mode and the first signature mode is loaded; and a handshake response message is returned to the client according to the key exchange mode and the first signature mode, wherein the key exchange mode and the first signature mode successfully match the digital certificate. According to the embodiment of the invention, the appropriate digital certificate is dynamically loaded during handshake negotiation to ensure successful SSL/TLS handshake negotiation.
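The selection step described in the abstract can be sketched as follows. This is an added example, not code from the patent or from Alibaba: it reads the cipher suites and the `signature_algorithms` extension out of a ClientHello and keeps or swaps the loaded certificate. It assumes the TLS 1.2 wire encoding, a constructed three-entry suite table, certificates modelled only by key type (`"rsa"` or `"ecdsa"`), and the hypothetical helper names `parse_client_hello`, `select_certificate` and `build_hello`.

```python
import struct

# Constructed table (assumption): IANA suite code -> (key exchange, certificate key type).
SUITES = {0xC02B: ("ECDHE", "ecdsa"), 0xC02F: ("ECDHE", "rsa"), 0x002F: ("RSA", "rsa")}
SIG_NAMES = {1: "rsa", 3: "ecdsa"}  # TLS 1.2 SignatureAlgorithm values

def parse_client_hello(record):
    """Return (cipher suite codes, signature types or None) from a TLS record."""
    if len(record) < 44 or record[0] != 0x16 or record[5] != 0x01:
        raise ValueError("not a ClientHello handshake record")
    p = 5 + 4 + 2 + 32                      # record hdr, handshake hdr, version, random
    p += 1 + record[p]                      # skip session_id
    (n,) = struct.unpack_from("!H", record, p); p += 2
    suites = list(struct.unpack_from("!%dH" % (n // 2), record, p)); p += n
    p += 1 + record[p]                      # skip compression methods
    sigs = None                             # None: extension absent (older client)
    if p < len(record):
        (ext_total,) = struct.unpack_from("!H", record, p); p += 2
        end = p + ext_total
        while p + 4 <= end:
            etype, elen = struct.unpack_from("!HH", record, p); p += 4
            if etype == 13:                 # signature_algorithms: (hash, sig) byte pairs
                pairs = record[p + 2:p + elen]
                sigs = {SIG_NAMES.get(b) for b in pairs[1::2]}
            p += elen
    return suites, sigs

def select_certificate(current, available, suites, sigs):
    """Keep `current` if it matches the client's offer, else load another match."""
    offered = {SUITES[s][1] for s in suites if s in SUITES}
    def ok(cert):
        return cert in offered and (sigs is None or cert in sigs)
    for cert in [current] + list(available):
        if ok(cert):
            return cert
    raise LookupError("no certificate matches the client's offer")

def build_hello(suites, sig_pairs=None):
    """Construct a minimal ClientHello record (sample input for the demonstration)."""
    ext = b""
    if sig_pairs is not None:
        data = struct.pack("!H", len(sig_pairs)) + sig_pairs
        ext = struct.pack("!HH", 13, len(data)) + data
        ext = struct.pack("!H", len(ext)) + ext
    body = b"\x03\x03" + bytes(32) + b"\x00" + struct.pack("!H", 2 * len(suites))
    body += struct.pack("!%dH" % len(suites), *suites) + b"\x01\x00" + ext
    hs = b"\x01" + len(body).to_bytes(3, "big") + body
    return b"\x16\x03\x01" + struct.pack("!H", len(hs)) + hs
```

A server that keeps a second certificate for older clients can log the value returned by `select_certificate` per handshake, which shows how much traffic still depends on the fallback certificate.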

Description

Technical field

[0001] The present application relates to the technical field of communication, in particular to a method for loading a digital certificate in SSL/TLS communication and a device for loading a digital certificate in SSL/TLS communication.

Background technique

[0002] Emerging applications such as e-commerce and online banking greatly facilitate people's daily life and are favored by people. Since these applications all need to carry out online transactions on the network, they put forward higher requirements for the security of network communication. Therefore, HTTPS (Hyper Text Transfer Protocol Secure Socket Layer, hypertext transfer security protocol) has been used by more and more websites.

[0003] HTTPS is a security-oriented HTTP (Hypertext transfer protocol, hypertext transfer protocol) channel, that is, adding SSL (Secure Sockets Layer, secure socket layer protocol) or its subsequent version TLS (Transport Layer Security, secure transpo...


Application Information

IPC(8): H04L9/32, H04L29/06
CPC: H04L9/32
Inventor: 齐铁鹏杨洋刘立朋李振宇蒋锷周辉
Owner: ALIBABA GRP HLDG LTD