Patent application number | Description | Published |
20110078198 | AUTOMATIC SERIAL NUMBER AND REQUEST ID ALLOCATION IN A REPLICATED (CLONED) CERTIFICATE AUTHORITY AND DATA RECOVERY MANAGEMENT TOPOLOGY - A Serial Number Management System (SNMS) automatically manages the allocation of unique serial numbers to certificate authority servers in a replicated server environment. The SNMS automatically detects that a Certificate Authority (CA) server has a need for a new set of unused serial numbers. The SNMS obtains a global serial number that is available to be used by any of the CA servers in a replication domain. The SNMS determines the new set of the unused serial numbers using the global serial number and updates the global serial number. | 03-31-2011 |
20110078304 | Automatic Server Administration of Serial Numbers in a Replicated Certificate Authority Topology - A Serial Number Management System (SNMS) automatically manages the allocation of unique serial numbers to certificate authority servers in a replicated server environment. The SNMS automatically detects that a Certificate Authority (CA) server has a need for additional unused serial numbers. The SNMS identifies a provider CA server that has unused serial numbers. The SNMS obtains a portion of the unused serial numbers from the provider CA server. | 03-31-2011 |
20110078772 | LDAP SECURITY DOMAIN DATA STORAGE - A Security Domain Access System (SDAS) provides highly available security domain data. The SDAS receives a request pertaining to a security domain. The request includes credentials for accessing a security domain manager server. The SDAS selects one of a plurality of security domain manager servers to process the request based on the credentials and the availability of each of the plurality of security domain manager servers. The SDAS forwards the request to the selected security domain manager server. | 03-31-2011 |
20110126001 | AUTOMATIC CERTIFICATE RENEWAL - A method and system for automatic certificate renewal is described. | 05-26-2011 |
20110213961 | DYNAMIC USER INTERFACE GENERATION BASED ON CONSTRAINTS OF A CERTIFICATE PROFILE - A method and system for dynamic user interface generation based on constraints of a certificate profile is described. | 09-01-2011 |
20110213963 | USING AN OCSP RESPONDER AS A CRL DISTRIBUTION POINT - A certificate revocation list (CRL) distribution system receives a request from a client pertaining to a status of a certificate and determines whether the client is an online certificate status protocol (OCSP) compliant client. The certificate status distribution system sends the certificate status to the client using OCSP in response to a determination that the client is an OCSP compliant client and sends a certificate revocation list to the client in response to a determination that the client is not an OCSP compliant client. | 09-01-2011 |
20110213964 | AUTOMATICALLY DETERMINING AN ACCEPTABLE CRL SIZE BASED ON SYSTEM CAPABILITY - A certificate revocation list (CRL) deployment system loads a portion of test data that represents revoked certificates into a cache at periodic intervals and generates a CRL for a corresponding periodic interval using the test data that is loaded in the cache at that corresponding periodic interval. The CRL deployment system determines a CRL size that the server computing system is capable to support using the generated CRLs and notifies a user of the CRL size that the server computing system is capable to support. | 09-01-2011 |
20110213965 | IDENTITY MANAGEMENT CERTIFICATE OPERATIONS - A method and system for identity management certificate operations is described. | 09-01-2011 |
20110213966 | AUTOMATICALLY GENERATING A CERTIFICATE OPERATION REQUEST - A method and system for automatically generating a certificate operation request is described. | 09-01-2011 |
20110213967 | PRE-ENCODING A CACHED CERTIFICATE REVOCATION LIST - A method and system for pre-encoding a cached CRL is described. | 09-01-2011 |
20110296172 | SERVER-SIDE KEY GENERATION FOR NON-TOKEN CLIENTS - A method and system for server-side key generation for non-token clients is described. | 12-01-2011 |
20130031363 | GENERATING A CRL USING A SUB-SYSTEM HAVING RESOURCES SEPARATE FROM A MAIN CERTIFICATE AUTHORITY SUB-SYSTEM - A server computing system initiates a first sub-system to generate a certificate revocation list (CRL) using resources that are separate from resources of a second sub-system that performs certificate authority (CA) management functions other than generating a CRL. The first sub-system receives a command from the second sub-system to update revocation data in a cache that is coupled to the first sub-system and generates a CRL using the updated revocation data in the cache. The first sub-system provides the CRL to the second sub-system. | 01-31-2013 |
20140250297 | CERTIFICATE RENEWAL - Certificate renewal is described. A processing device searches a certificate authority (CA) database of digital certificates to identify a certificate that satisfies an expiration condition for automatic renewal. The processing device renews the certificate as a renewed certificate without any user interaction. The processing device is to renew the certificate in view of the expiration condition. The expiration condition includes an expiration of the certificate. When renewing of the certificate, the processing device reuses a key of the certificate for the renewed certificate and sets a new expiration date for the renewed certificate. | 09-04-2014 |