Unlock instant, AI-driven research and patent intelligence for your innovation.

Method for intelligently matching HTTPS access certificate

A technology for accessing certificates and certificates, applied in the field of operation and maintenance, can solve problems such as unavailability, poor usability, and inability to provide HTTPS services, etc., to achieve the effect of improving usability, wide application range, and improving business availability and quality

Inactive Publication Date: 2019-03-01
SICHUAN CHANGHONG ELECTRIC CO LTD
View PDF3 Cites 4 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] The purpose of the present invention is to provide a method for intelligently matching HTTPS access certificates, which is used to solve the problem that the HTTPS access client does not support SNI in the prior art, resulting in the inability to provide HTTPS services, which are often unavailable and have poor usability

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method for intelligently matching HTTPS access certificate
  • Method for intelligently matching HTTPS access certificate

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0027] combined with figure 1 As shown, a method for intelligently matching HTTPS access certificates, the method includes the following steps:

[0028] Step 1: Configure https port monitoring in a single WEB service, configure multiple domain name certificates, specify the default domain name certificate, and configure the IP or IP segment certificate correspondence table;

[0029] Step 2: HTTPS accesses the client, and the client sends ClientHello;

[0030] Step 3: After the WEB service receives the ClientHello packet sent by the client, it parses it, and checks whether the parsed ClientHello packet carries the SNI extension;

[0031] Step 4: According to the inspection result of step 3, if the ClientHello packet carries the SNI extension, the WEB server extracts the domain name information of the HTTPS access client in the SNI, directly returns the certificate of the corresponding domain name through the domain name information, and sends SeverHello to the HTTPS access cli...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a method for intelligently matching an HTTPS access certificate, and relates to the technical field of operation and maintenance. The method comprises the process of: configuring an https port to monitor, configuring domain name certificates, specifying a default domain name certificate and configuring an IP or IP segment certificate corresponding relationship table; and parsing a ClientHello packet, checking whether the ClientHello packet carries SNI expansion, then matching the domain name certificates, then carrying out TLS interaction, finally, judging whether the domain name certificate is consistent with a requested domain name, searching an IP state in the IP or IP segment certificate corresponding relationship table, and then selecting the corresponding domain name certificate according to the state. By the method provided by the invention, a certificate selection strategy is optimized; and as a more intelligent HTTPS certificate selection method, the method improves availability of a service, and can carry out improvement on service availability quality without carrying out expansion by an HTTPS access end.

Description

technical field [0001] The invention relates to the technical field of operation and maintenance, specifically, a method for intelligently matching HTTPS access certificates. Background technique [0002] With the development of the information age, the development of the country has entered the era of network security, and the Internet industry is paying more and more attention to the content security of external services. While business development, WEB services are being reused more and more. Stand-alone It is more and more common for web services to support multiple HTTPS domain names. [0003] However, there are still many problems in the current single-machine WEB service supporting multiple HTTPS domain names. The common problem is that the HTTPS access client does not support SNI, resulting in the inability to provide HTTPS services and often being unavailable and poor in usability. Contents of the invention [0004] The purpose of the present invention is to prov...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/08H04L29/06H04L29/12
CPCH04L63/0823H04L67/02H04L67/141H04L61/4511H04L67/01
Inventor 龚致
Owner SICHUAN CHANGHONG ELECTRIC CO LTD