Unlock instant, AI-driven research and patent intelligence for your innovation.

HTTPS certificate management method

A certificate management and certificate technology, applied in the WEB application field, can solve the problems of time-consuming and laborious, large workload of copying certificate files, and error-prone, and achieve the effect of increasing security, avoiding losses and improving efficiency.

Pending Publication Date: 2021-12-17
FUJIAN FORTUNETONE NETWORK TECH CO LTD
View PDF0 Cites 6 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] In the new certificate issuance operation, the existing certificate issuance tool needs to go to the DNS resolution service provider to manually resolve and verify the verification of DNS ownership. When issuing multiple domain names, it needs to be repeated many times, which is not only time-consuming and labor-intensive, but also error-prone.
In the operation of certificate renewal, the renewal of domain name certificate is the same process as the issuance of new certificate, but the existing certificate issuance tools do not have the function of judging whether the domain name certificate needs to be renewed.
In the certificate distribution link, the existing certificate issuance tool saves the certificate information in the local disk of the certificate server after completing the visa, and manual copying is required for distribution to other servers. Copying certificate files in a large number of server environments is a huge workload and error-prone

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • HTTPS certificate management method
  • HTTPS certificate management method
  • HTTPS certificate management method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0044] like figure 1 As shown, the present invention provides a method for HTTPS certificate management, which includes:

[0045] New certificate issuance operation: use the API interface to connect to the server to perform domain name resolution and verification, and then issue the certificate; the specific steps include the following:

[0046] S101. Obtain data information of a user;

[0047] S102, analyze the data information of the user, and query to determine whether the database already has the visa information of the data information; if not, continue to execute step S103; if there is, determine whether the visa information period of the data information exceeds the threshold, If it does not exceed, it will exit the certificate issuance process; if it exceeds, it will be transferred to the subsequent certificate renewal operation;

[0048] S103, generate and save the corresponding private key information, and create a CSR file to which user data information is added; ...

Embodiment 2

[0069] like figure 2 To proceed with the visa as shown:

[0070] S1, obtain the domain name INPUTDOMAIN input by the user through the command line.

[0071] S2, python adds the tldextract extension library, parses the domain name information input by the user, and obtains the subdomain, domain, and suffix information.

[0072] S3, query whether the visa information of INPUTDOMAIN already exists in the database. If it exists and the certificate expiration time is less than 20 days, the certificate is valid and the process is exited. If it does not exist, continue with the following steps.

[0073] S4, python adds the paramiko extension library to generate 1024-bit or 2048-bit private key information (paramiko.RSAKey.generate(2048)) and save it to domainKeyFile.

[0074] S5, create a CSR file, add the user input INPUTDOMAIN to the CSR file ('openssl req-new-sha256-key%s-subj" / "-addext"subjectAltName=DNS:*.%s,DNS:%s"- out %s'%(domainKeyFile,singDomain,singDomain,domainCsrFi...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a HTTPS certificate management method. The method comprises the following steps of: a new certificate signing and issuing operation: connecting a server by using an API to analyze and verify a domain name, and then signing and issuing the certificate; a certificate renewal operation: setting a system timed task to renew the expired certificate; and a certificate distribution operation: setting system timed task synchronization domain name certificate information and enabling the certificate to take effect. According to the invention, the signing and signature renewal process is automatic, a large amount of manual intervention is not needed any more, and the efficiency is greatly improved. The automatic certificate distribution also avoids a large amount of operations of manually logging in the service server, and the security is improved. Certificates are automatically managed, and automatic signing is carried out when expiration time is close, so that loss caused by inaccessible stations due to expiration of certificates is avoided.

Description

technical field [0001] The invention is applied to the WEB application field, in particular to a method for HTTPS certificate management. Background technique [0002] Let's Encrypt is a non-profit Certificate Authority (CA) serviced by the Internet Security Research Group (ISRG) and supported by major browsers. Let's Encrypt uses the ACME protocol to apply for a certificate to automatically verify domain name ownership, but it also needs to manually configure DNS resolution and trigger each step of the operation according to the requirements of Let's Encrypt. After completing the visa, the text content of the domain name certificate can be obtained; because Let's Encrypt's The policy requires that the maximum validity period of each domain name certificate is 3 months. [0003] In the operation of new certificate issuance, the existing certificate issuance tools need to manually resolve and verify the DNS resolution service provider in the process of verifying DNS ownershi...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/08H04L29/06H04L29/12
CPCH04L67/02H04L63/0823H04L63/20
Inventor 黄友淳陈华明黄禄森李勇方立
Owner FUJIAN FORTUNETONE NETWORK TECH CO LTD