Creating a digital certificate for a service using a local certificate authority having temporary signing authority

US2016173286A1 · US · A1

Patent metadata
Publication number: US-2016173286-A1
Application number: US-201414566489-A
Country: US
Kind code: A1
Filing date: Dec 10, 2014
Priority date: Dec 10, 2014
Publication date: Jun 16, 2016
Grant date: (none listed)

How to read this patent

A practical reading order for non-experts. Skip the full description unless you need deep technical detail.

  1. Title

    What the patent document calls the invention.

  2. Abstract

    A short plain-language summary of the technical disclosure.

  3. Assignees and inventors

    Who owns or filed the patent and who is credited as inventor.

  4. Key dates

    Filing, priority, publication, and grant dates set the timeline.

  5. First independent claim

    The legal scope of protection — read this for what is actually claimed.

  6. CPC / IPC classifications

    Technology tags used to group this patent with similar filings.

  7. Citations and related patents

    Prior art links and similar publications in this corpus.

Abstract

Official abstract text for this publication.

A computing machine creates a temporary certificate authority (CA) hosted locally by the computing machine, creates a service certificate for a local service being hosted by the computing machine, and signs the service certificate using a private key of the temporary CA. The private key is stored locally on the computing machine. The computing machine removes signing authority of the temporary CA, and provides the service certificate to the local service.

Claims

Claim text for this publication (claims 1 through 20).

1. A method comprising: creating, by a processing device of a computing machine, a temporary certificate authority (CA) hosted locally by the computing machine; creating, by the processing device, a certificate signing request (CSR) using a locally stored private key and a locally stored public key of a local service being hosted by the computing machine; creating, by the processing device, a service certificate for the local service using the CSR; signing, by the processing device, the service certificate using a private key of the temporary CA, the private key being stored locally on the computing machine; removing, by the processing device, signing authority of the temporary CA; and providing, by the processing device, the service certificate to the local service.

2. The method of claim 1, wherein removing signing authority of the temporary CA comprises: determining that one or more criteria for removing signing authority for the temporary CA are satisfied.

3. The method of claim 1, further comprising: storing a public key of the temporary CA in a local trust data store of the computing machine.

4. The method of claim 1, wherein creating the temporary CA comprises: creating the private key and a public key to represent the temporary CA; storing the private key and the public key in local non-persistent memory; and creating a CA certificate having signing authority, wherein the CA certificate is created using the private key and public key of the temporary CA.

5. The method of claim 1, wherein removing signing authority of the temporary CA comprises: destroying the private key of the temporary CA, wherein the private key of the temporary CA is stored in local non-persistent memory.

6. The method of claim 1, further comprising: signing, by the processing device, the CSR using the locally stored private key of local service.

7. The method of claim 1, wherein a script is executed to automatically create the temporary CA, create the service certificate for the local service, remove signing authority of the temporary CA, and provide the service certificate to the local service.

8. A non-transitory computer-readable storage medium including instructions that, when executed by a processing device, cause the processing device to: create, by the processing device of a computing machine, a temporary certificate authority (CA) hosted locally by the computing machine; create, by the processing device, a certificate signing request (CSR) using a locally stored private key and a locally stored public key of a local service being hosted by the computing machine; create, by the processing device, a service certificate for the local service using the CSR; sign, by the processing device, the service certificate using a private key of the temporary CA, the private key being stored locally on the computing machine; remove, by the processing device, signing authority of the temporary CA; and provide, by the processing device, the service certificate to the local service.

9. The non-transitory computer-readable storage medium of claim 8, wherein to remove signing authority of the temporary CA, the processing device is to: determine that one or more criteria to remove signing authority for the temporary CA are satisfied.

10. The non-transitory computer-readable storage medium of claim 8, wherein the processing device is further to: store a public key of the temporary CA in a local trust data store.

11. The non-transitory computer-readable storage medium of claim 8, wherein to create the temporary CA, the processing device is to: create the private key and a public key to represent the temporary CA; store the private key and the public key in local non-persistent memory; and create a CA certificate having signing authority, wherein the CA certificate is created using the private key and public key of the temporary CA.

12. The non-transitory computer-readable storage medium of claim 8, wherein to remove signing authority of the temporary CA, the processing device is to: destroy the private key of the temporary CA, wherein the private key of the temporary CA is stored in local non-persistent memory.

13. The non-transitory computer-readable storage medium of claim 8, wherein the processing is further to: sign the CSR using the locally stored private key of local service.

14. A system comprising: a memory; a processing device, operatively coupled to the memory to: create a temporary certificate authority (CA) hosted locally by the computing machine, the temporary CA comprising a private key and a public key stored locally in non-persistent memory of the computing machine; create a certificate signing request (CSR) using a locally stored private key and a locally stored public key of a local service being hosted by the computing machine; create a service certificate for the local service using the CSR; sign the service certificate using the private key of the temporary CA being stored locally on the computing machine; destroy the private key of the temporary CA; and provide the service certificate to the local service.

15. The system of claim 14, wherein to remove signing authority of the temporary CA comprises the processing device to: determine that one or more criteria for removing signing authority for the temporary CA are satisfied.

16. The system of claim 15, wherein the one or more criteria comprises an expiration of a time period for processing device to sign the service certificate using the private key of the temporary CA.

17. The system of claim 14, wherein to create the temporary CA comprises the processing device further to: create a CA certificate having signing authority, wherein the CA certificate is created using the private key and public key of the temporary CA.

18. The system of claim 14, wherein to destroy the private key of the temporary CA comprises the processing device to: deallocate the non-persistent memory that is storing the private key of the temporary CA.

19. The system of claim 14, wherein the processing device is further to: sign the CSR using the locally stored private key of local service.

20. The system of claim 14, wherein the processing device executes a script is to automatically create the temporary CA, create the service certificate for the local service, remove signing authority of the temporary CA, and provide the service certificate to the local service.
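The flow the abstract and claims describe (a temporary local CA, a CSR signed with the service's own key, a service certificate signed with the CA key, the CA key destroyed, and only the CA certificate kept for verification), as an added Go example built on the standard library's crypto/x509; it is not code from the patent or from Red Hat. The service name, the fixed serial numbers and the validity periods are constructed for the demo, and "destroying" the key is shown as zeroing its in-memory bytes, one concrete reading of claims 5 and 18.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"math/big"
	"time"
)

// IssueLocalServiceCert follows the claimed flow: a temporary CA whose private key exists only
// in process memory signs the local service's CSR, that key is then destroyed, and only the CA
// certificate (its public half) survives for the local trust store.
func IssueLocalServiceCert(serviceName string) (svc, ca *x509.Certificate, err error) {
	// Step 1: temporary CA key pair plus a self-signed CA certificate (claims 1 and 4).
	caPub, caKey, err := ed25519.GenerateKey(rand.Reader)
	if err != nil { return }
	caTmpl := &x509.Certificate{SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "temporary local CA"},
		NotBefore: time.Now(), NotAfter: time.Now().Add(time.Hour), // fixed serial, short life: demo values
		IsCA: true, BasicConstraintsValid: true, KeyUsage: x509.KeyUsageCertSign}
	caDER, err := x509.CreateCertificate(rand.Reader, caTmpl, caTmpl, caPub, caKey)
	if err != nil { return }
	if ca, err = x509.ParseCertificate(caDER); err != nil { return }
	// Step 2: the service's own key pair and a CSR signed with that key (claim 6).
	_, svcKey, err := ed25519.GenerateKey(rand.Reader)
	if err != nil { return }
	csrDER, err := x509.CreateCertificateRequest(rand.Reader, &x509.CertificateRequest{
		Subject: pkix.Name{CommonName: serviceName}, DNSNames: []string{serviceName}}, svcKey)
	if err != nil { return }
	csr, err := x509.ParseCertificateRequest(csrDER)
	if err != nil { return }
	if err = csr.CheckSignature(); err != nil { return } // proof of possession of the service key
	// Step 3: service certificate built from the CSR and signed with the CA key.
	svcTmpl := &x509.Certificate{SerialNumber: big.NewInt(2), Subject: csr.Subject, DNSNames: csr.DNSNames,
		NotBefore: time.Now(), NotAfter: time.Now().AddDate(1, 0, 0),
		ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth}}
	svcDER, err := x509.CreateCertificate(rand.Reader, svcTmpl, ca, csr.PublicKey, caKey)
	if err != nil { return }
	// Step 4: remove signing authority by destroying the CA private key (claim 5).
	for i := range caKey { caKey[i] = 0 } // zero the only copy; no further certificates can be signed
	svc, err = x509.ParseCertificate(svcDER)
	return
}
// VerifyWithLocalTrust validates the service cert against only the kept CA cert (claim 3).
func VerifyWithLocalTrust(svc, ca *x509.Certificate, name string) error {
	pool := x509.NewCertPool()
	pool.AddCert(ca)
	_, err := svc.Verify(x509.VerifyOptions{Roots: pool, DNSName: name})
	return err
}
```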

Assignees

Red Hat Inc

Inventors

Classifications

  • for key distribution, e.g. centrally by trusted party (cryptographic mechanisms or cryptographic arrangements for key distribution involving a central third party H04L9/0819) · CPC title

  • using certificates (cryptographic mechanisms or cryptographic arrangements for entity authentication involving certificates H04L9/3263) · CPC title

  • Active attacks involving interception, injection, modification, spoofing of data unit addresses, e.g. hijacking, packet injection or TCP sequence number attacks · CPC title

  • involving a third party or a trusted authority · CPC title

  • H04L9/3268 (primary): using certificate validation, registration, distribution or revocation, e.g. certificate revocation list [CRL] · CPC title

Patent family

Related publications grouped by family.

External sources

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US2016173286A1 cover?
A computing machine creates a temporary certificate authority (CA) hosted locally by the computing machine, creates a service certificate for a local service being hosted by the computing machine, and signs the service certificate using a private key of the temporary CA. The private key is stored locally on the computing machine. The computing machine removes signing authority of the temporary …
Who is the assignee on this patent?
Red Hat Inc
What technology area does this patent fall under?
Primary CPC classification H04L9/3268. Mapped technology areas include Electricity.
When was this patent published?
Publication date Jun 16, 2016 (A1). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).