CN105429934B - Method and apparatus, readable storage medium storing program for executing, the terminal of HTTPS connectivity verification - Google Patents
Method and apparatus, readable storage medium storing program for executing, the terminal of HTTPS connectivity verification Download PDFInfo
- Publication number
- CN105429934B CN105429934B CN201410484630.0A CN201410484630A CN105429934B CN 105429934 B CN105429934 B CN 105429934B CN 201410484630 A CN201410484630 A CN 201410484630A CN 105429934 B CN105429934 B CN 105429934B
- Authority
- CN
- China
- Prior art keywords
- certificate
- https
- certification authentication
- website
- https connection
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Landscapes
- Information Transfer Between Computers (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The present invention relates to a kind of method and apparatus of HTTPS connectivity verification.It the described method comprises the following steps: when initiating HTTPS connection request to website, obtaining the certificate of the website;Remaining father's certificate of the certificate to the certificate and in addition to root certificate is verified;If the certificate and remaining father's certification authentication pass through, then judge the root certificate whether in the certificate repository of pre-set approval, if, then the certification authentication passes through, continue HTTPS connection, if not, then the uniform resource locator of the certificate, root certificate and the accessed website of HTTPS connection is verified, judge the uniform resource locator of the certificate, root certificate and the accessed website of HTTPS connection whether in preconfigured certification authentication set, if, then the certification authentication passes through, and continues HTTPS connection, otherwise terminates.The method and apparatus of above-mentioned HTTPS connectivity verification are not required to installation root certificate, avoid the threat to system, improve the safety of system.
Description
Technical field
The present invention relates to information security fields, more particularly to a kind of method and apparatus of HTTPS connectivity verification.
Background technique
Due to the factor of the various aspects such as information security, number of site uses the Certification system of oneself, oneself generates root certificate,
Oneself grant a certificate, such as Railway Call Center need to install its root certificate.It is not by state because of the root certificate of this kind of website
Trusted certificate issuance mechanism is signed and issued on border, so not being built in the certificate Store of operating system.
When browser accesses these websites, progress HTTPS (Hyper Transfer Protocol Over Secure
Socket Layer, safely for the hypertext transfer protocol of target) verifying when, or pop-up safety warning, or due to certificate
Reason and prevent to continue to access, user needs to install root certificate according to website requests to continue to access, because of the root certificate of installation
Not trusted root certificate in the world, causes potentially to threaten to the safety of whole system.
Summary of the invention
Based on this, it is necessary to need to install root certificate for traditional HTTPS connectivity verification and influence asking for system safety
Topic, provides a kind of method of HTTPS connectivity verification, is not required to installation root certificate, improves the safety of system.
In addition, there is a need to provide a kind of device of HTTPS connectivity verification.
A kind of method of HTTPS connectivity verification, comprising the following steps:
When initiating HTTPS connection request to website, the certificate of the website is obtained;
Remaining father's certificate of the certificate to the certificate and in addition to root certificate is verified;
If the certificate and remaining father's certification authentication pass through, judge the root certificate whether in pre-set approval
In certificate repository, if so, the certification authentication passes through, continue HTTPS connection, if it is not, then to the certificate, root certificate and
The uniform resource locator of the accessed website of HTTPS connection is verified, and judges the certificate, root certificate and HTTPS connection institute
The uniform resource locator of website is accessed whether in preconfigured certification authentication set, if so, the certification authentication is logical
It crosses, continues HTTPS connection, otherwise terminate.
A kind of device of HTTPS connectivity verification, comprising:
Module being obtained, when for initiating HTTPS connection request to website, obtaining the certificate of the website;
Authentication module, remaining father's certificate for the certificate to the certificate and in addition to root certificate are verified;
Judgment module, for judging the root certificate whether pre- when the certificate and remaining father's certification authentication pass through
In the certificate repository for the approval being first arranged, if so, the certification authentication passes through, continue HTTPS connection, if it is not, then to the card
The uniform resource locator of book, root certificate and the accessed website of HTTPS connection is verified, judge the certificate, root certificate and
Whether the uniform resource locator of the accessed website of HTTPS connection is in preconfigured certification authentication set, if so, described
Certification authentication passes through, and continues HTTPS connection, otherwise terminates.
The method and apparatus of above-mentioned HTTPS connectivity verification obtain the certificate of website when initiating HTTPS request to website,
The certificate and his father's certificate are verified, and judge after being verified corresponding root certificate whether approval certificate repository
In, if so, the certification authentication passes through, if it is not, then to the system of the website accessed the certificate, root certificate and corresponding HTTPS
One Resource Locator is verified, if certification authentication passes through in the certification authentication set of configuration, carries out HTTPS connection, no
Root certificate need to be installed, the threat to system is avoided, improve the safety of system.
Detailed description of the invention
Fig. 1 is the applied environment figure of the method for HTTP connectivity verification in one embodiment;
Fig. 2 is the flow chart of the method for HTTPS connectivity verification in one embodiment;
Fig. 3 is the structural block diagram of the device of HTTPS connectivity verification in one embodiment;
Fig. 4 is the structural block diagram of the device of HTTPS connectivity verification in another embodiment;
Fig. 5 is the structural block diagram of the device of HTTPS connectivity verification in another embodiment.
Specific embodiment
In order to make the objectives, technical solutions, and advantages of the present invention clearer, with reference to the accompanying drawings and embodiments, right
The present invention is further elaborated.It should be appreciated that the specific embodiments described herein are merely illustrative of the present invention, and
It is not used in the restriction present invention.
Fig. 1 is the applied environment figure of the method for HTTP connectivity verification in one embodiment.As shown in Figure 1, the application environment
In include server 110 and terminal 120, be mounted in terminal 120 client access server 110 on website.Website is
According to certain rule, the tool makings such as HTML (Hyper Text Markup Language, hypertext markup language) are used
For show specific content related web page set.Terminal 120 can be personal computer, tablet computer, smart phone, a
Personal digital assistant etc..Client can be browser client or the client of other applications.The visitor of the other applications
Family end such as bank net client etc..
HTTPS connection request is initiated in website on user end to server 110 in terminal 120, obtains website certificate, right
The certificate of the website and its remaining father's certificate in addition to corresponding root certificate are verified, after being verified, to root certificate into
Row verifying, judges the root certificate whether in the certificate repository of pre-set approval, if being then verified, if it is not, then to this
URL (Uniform Resource Locator, the unified money of certificate, corresponding root certificate and the accessed website of HTTPS connection
Source finger URL) it is verified, judge the cryptographic Hash according to the certificate, the cryptographic Hash of corresponding root certificate and the HTTPS connection institute
Whether the unique value that the URL of access website is obtained is in preconfigured certification authentication set, if so, the certification authentication is logical
It crosses, receives the certificate and carry out HTTPS connection, if it is not, then reminding whether user continues to access the website, if user's selection continues to visit
It asks, then certification authentication passes through, and continues HTTPS connection, if user selects to terminate access, certification authentication failure terminates HTTPS and connects
It connects.
Fig. 2 is the flow chart of the method for HTTPS connectivity verification in one embodiment.The side of HTTPS connectivity verification in Fig. 2
Method is applied in the application environment in Fig. 1.As shown in Fig. 2, the method for the HTTPS connectivity verification, comprising the following steps:
Step 202, when initiating HTTPS connection request to website, the certificate of the website is obtained.
Specifically, client initiates HTTPS connection request to website, and obtain the certificate of the website.HTTPS is with safety
For the channel HTTP of target, i.e., SSL (Secure Socket Layer, Secure Socket Layer) layer is added under http, is transmitting
Layer encrypts network connection.
Step 204, remaining father's certificate of the certificate to the certificate and in addition to root certificate is verified.
Specifically, remaining father by client (browser client or Internetbank client etc.) to certificate and in addition to root certificate
Certificate is verified, and is specifically included: first determining whether the certificate is effective, including judging whether the validity period of certificate, certificate issue
Whether correct issue accessed website, the hash value (cryptographic Hash) of certificate, if the certificate is effective, whether recurrence judges the certificate
By father's certificate issuance, if so, judge whether father's certificate of the certificate is effective, validity period, father's certificate including judging father's certificate
It is whether correct etc. that whether accessed website, the hash value (cryptographic Hash) of father certificate are presented to, such recurrence verifying, until in addition to root
Remaining father's certificate outside certificate is verified.If the certificate is in vain or a certain father's certification authentication of the certificate fails, should
Certification authentication failure.
Step 206, if the certificate and remaining father's certification authentication pass through, judge whether the root certificate recognizes pre-set
Can certificate repository in, if it is not, 208 are thened follow the steps, if so, thening follow the steps 210.
Specifically, root certificate refers in the trusted of installation operating system default in the certificate repository of pre-set approval
Root certificate and/or the root certificate that trust position is selectively mounted to by user.It is mounted on the root card of different Store (position)
Book, security level are also different.By taking browser client as an example, browser client approves the root certificate for being mounted on designated position
For trusted root certificate.Trusted root certificate refers to the receptible root certificate of client.
Step 208, the uniform resource locator of the certificate, root certificate and the accessed website of HTTPS connection is verified,
Judge whether the uniform resource locator of the certificate, root certificate and the accessed website of HTTPS connection is tested in preconfigured certificate
In card set, if so, thening follow the steps 210, otherwise terminate.
Before the step of initiating HTTPS connection request to website, the method for the HTTPS connectivity verification further include: receive
The preconfigured certification authentication set of server-side push.
Specifically, receiving the preconfigured certification authentication set that server-side is pushed by cloud service.With browser clients
For end, browser client receives browser service end and pushes preconfigured certification authentication set by cloud service.With net
For silver-colored client, then Internetbank client receives the preconfigured certification authentication collection that Internetbank server-side is pushed by cloud service
It closes.The certification authentication set refers to the preconfigured trusted certificate of server-side, root certificate and the accessed net of corresponding HTTPS
The set of the information for the uniform resource locator stood.
Certificate corresponding to the uniform resource locator of different websites is different, and certificate needs the unification with website when verifying
Resource Locator is corresponding.Such as www.abc.com corresponding A certificate, www.efg.com correspond to B certificate, when verifying, need by
The corresponding verifying of www.abc.com and A certificate, the authentication failed if by www.abc.com and B certification authentication.
Step 210, which passes through, and continues HTTPS connection.
Specifically, certification authentication passes through, then client receives the certificate, carries out HTTPS connection according to the certificate.
The method of above-mentioned HTTPS connectivity verification obtains the certificate of website, to the card when initiating HTTPS request to website
Book and his father's certificate are verified, and judge after being verified corresponding root certificate whether in the certificate repository of approval, if so,
Then the certification authentication passes through, if it is not, then fixed to the unified resource of the website accessed the certificate, root certificate and corresponding HTTPS
Position symbol is verified, if certification authentication passes through in the certification authentication set of configuration, carries out HTTPS connection, is not required to installation root
Certificate avoids the threat to system, improves the safety of system.In addition, certification authentication set is pushed by cloud service, it can
Realize fast reaction and deployment.
In one embodiment, the uniform resource locator to the certificate, root certificate and the accessed website of HTTPS connection
It is verified, judges whether the uniform resource locator of the certificate, root certificate and the accessed website of HTTPS connection is being pre-configured with
Certification authentication set in, if so, the certification authentication passes through, the step of continuing HTTPS connection, otherwise terminating includes: calculating
The cryptographic Hash of the certificate and the cryptographic Hash of root certificate are connected further according to the cryptographic Hash of the certificate, the cryptographic Hash of root certificate with HTTPS
The uniform resource locator of accessed website obtains unique validation value;Judge whether the validation value is tested in preconfigured certificate
In card set, if so, the certification authentication passes through, continues HTTPS connection, otherwise terminate.
In the present embodiment, the preconfigured cryptographic Hash according to certificate, root certificate are had recorded in certification authentication set
Cryptographic Hash connects the unique value that the URL of accessed website is obtained with HTTPS.
In other embodiments, the cryptographic Hash of certificate can be separately verified, the cryptographic Hash of root certificate is connected with HTTPS and accessed
The uniform resource locator of website, when three is verified, then it represents that the certification authentication of the website passes through, and client can connect
By the certificate, HTTPS connection is carried out according to the certificate.
In one embodiment, this judge step of the validation value not in preconfigured certification authentication set it
Afterwards, before terminating, the method for the HTTP connectivity verification further include: issue safety warning information;Phase is executed according to the user's choice
The operation answered.The sending safety warning information include: in the form of pop-up or switch into new web page form issue safety warning letter
Breath.Safety warning information refers to prompt, and there are security risks, if continues to access.Display is not required to switch into new in the form of pop-up
Webpage, the information that can browse web sites simultaneously and safety warning information.
If it includes: that user's selection continues to access that this executes corresponding operation according to the user's choice, the certification authentication is logical
It crosses, continues HTTPS connection, if user selects to terminate access, certification authentication failure terminates HTTPS connection.Specifically, with
Family continues to access, then the certification authentication passes through, and receives the certificate, carries out HTTPS connection according to the certificate.
Fig. 3 is the structural block diagram of the device of HTTPS connectivity verification in one embodiment.The dress of the HTTPS connectivity verification of Fig. 3
The virtual module that included functional module is made of the method for HTTPS connectivity verification is set, it can partition functionality mould as needed
Block, division without being limited thereto.As shown in figure 3, the device of the HTTPS connectivity verification, including obtain module 310,320 and of authentication module
Judgment module 330.Wherein:
When obtaining module 310 for initiating HTTPS connection request to website, the certificate of the website is obtained.
Remaining the father's certificate of authentication module 320 for the certificate to the certificate and in addition to root certificate is verified.
Specifically, to certificate and removing root by the authentication module 320 (browser client or Internetbank client etc.) of client
Remaining father's certificate outside certificate is verified, and is specifically included: first determining whether the certificate is effective, including judging the effective of certificate
Whether whether phase, certificate are presented to accessed website, the hash value (cryptographic Hash) of certificate correct, if the certificate is effective, recurrence
The certificate is judged whether by father's certificate issuance, if so, judging whether father's certificate of the certificate is effective, including judging father's certificate
Whether validity period, father's certificate are presented to whether accessed website, the hash value (cryptographic Hash) of father's certificate are correct etc., and such recurrence is tested
Card, until remaining father's certificate other than root certificate is verified.If the certificate is invalid or a certain father's certificate of the certificate
Authentication failed, then the certification authentication fails.
Whether judgment module 330 is used to judge the root certificate preparatory when the certificate and remaining father's certification authentication pass through
In the certificate repository of the approval of setting, if so, the certification authentication passes through, continue HTTPS connection, if it is not, then demonstrate,proving the certificate, root
The uniform resource locator of book and the accessed website of HTTPS connection is verified, and judges the certificate, root certificate and HTTPS connection
Whether the uniform resource locator of accessed website is in preconfigured certification authentication set, if so, the certification authentication is logical
It crosses, continues HTTPS connection, otherwise terminate.
Specifically, root certificate refers in the trusted of installation operating system default in the certificate repository of pre-set approval
Root certificate and/or the root certificate that trust position is selectively mounted to by user.The certification authentication set refers to that server-side is matched in advance
The set of the information of the uniform resource locator of trusted certificate, root certificate and the accessed website corresponding HTTPS set.
The judgment module 330 is also used to calculate the cryptographic Hash of the certificate and the cryptographic Hash of root certificate, further according to the certificate
The uniform resource locator that cryptographic Hash, the cryptographic Hash of root certificate connect accessed website with HTTPS obtains unique validation value, with
And judge that the validation value whether in preconfigured certification authentication set, if so, the certification authentication passes through, continues HTTPS
Connection, otherwise terminates.
In the present embodiment, the preconfigured cryptographic Hash according to certificate, root certificate are had recorded in certification authentication set
Cryptographic Hash connects the unique value that the URL of accessed website is obtained with HTTPS.
In other embodiments, the cryptographic Hash of certificate can be separately verified, the cryptographic Hash of root certificate is connected with HTTPS and accessed
The uniform resource locator of website, when three is verified, then it represents that the certification authentication of the website passes through, and client can connect
By the certificate, HTTPS connection is carried out according to the certificate.
The device of above-mentioned HTTPS connectivity verification obtains the certificate of website, to the card when initiating HTTPS request to website
Book and his father's certificate are verified, and judge after being verified corresponding root certificate whether in the certificate repository of approval, if so,
Then the certification authentication passes through, if it is not, then fixed to the unified resource of the website accessed the certificate, root certificate and corresponding HTTPS
Position symbol is verified, if certification authentication passes through in the certification authentication set of configuration, carries out HTTPS connection, is not required to installation root
Certificate avoids the threat to system, improves the safety of system.
Fig. 4 is the structural block diagram of the device of HTTPS connectivity verification in another embodiment.As shown in figure 4, the HTTPS connects
The device of verifying is connect, including obtains module 310, authentication module 320 and judgment module 330, further includes alarm module 340 and execution
Module 350.Wherein:
Alarm module 340 is used for when judging the validation value not in preconfigured certification authentication set, issues peace
Full warning message.The alarm module 340 is also used in the form of pop-up or switches into new web page form and issues safety warning information.
Execution module 350 for executing corresponding operation according to the user's choice.In the present embodiment, the execution module 350
If being also used to user's selection to continue to access, which passes through, and continues HTTPS connection, and if user's selection end visit
It asks, then the certification authentication fails, and terminates HTTPS connection.
Fig. 5 is the structural block diagram of the device of HTTPS connectivity verification in another embodiment.As shown in figure 5, the HTTPS connects
The device of verifying is connect, including obtains module 310, authentication module 320, judgment module 330, alarm module 340 and execution module
350, it further include receiving module 360.Wherein, receiving module 360 is used for before initiating HTTPS connection request to website, is received
The preconfigured certification authentication set of server-side push.Specifically, receiving module 360 passes through cloud service for receiving server-side
The preconfigured certification authentication set of push.Certification authentication set is pushed, it can be achieved that fast reaction and deployment by cloud service.
In order to further illustrate the application of the method and apparatus of above-mentioned HTTPS connectivity verification, with above-mentioned HTTPS connectivity verification
Method and apparatus be applied to browser access website for, specific process includes:
(1) browser client initiates HTTPS connection request to website, obtains the certificate of the website.
(2) browser client verifies remaining father's certificate in addition to root certificate of the certificate and the certificate.
Specifically, remaining father by client (browser client or Internetbank client etc.) to certificate and in addition to root certificate
Certificate is verified, and is specifically included: first determining whether the certificate is effective, including judging whether the validity period of certificate, certificate issue
Whether correct issue accessed website, the hash value (cryptographic Hash) of certificate, if the certificate is effective, whether recurrence judges the certificate
By father's certificate issuance, if so, judge whether father's certificate of the certificate is effective, validity period, father's certificate including judging father's certificate
It is whether correct etc. that whether accessed website, the hash value (cryptographic Hash) of father certificate are presented to, such recurrence verifying, until in addition to root
Remaining father's certificate outside certificate is verified.If the certificate is in vain or a certain father's certification authentication of the certificate fails, should
Certification authentication failure.
(3) when certificate and remaining father's certification authentication pass through, browser client judges whether the root certificate is presetting
Browser approve certificate repository in, if so, the certification authentication passes through, browser client receives the certificate, and according to this
Certificate carries out HTTPS connection, if it is not, then by browser client to the certificate, root certificate and the accessed website of HTTPS connection
Uniform resource locator is verified, that is, calculate certificate cryptographic Hash, the cryptographic Hash of root certificate, and according to the cryptographic Hash of certificate,
The uniform resource locator of the accessed website of cryptographic Hash and HTTPS connection of root certificate obtains unique validation value, judges that this is tested
Whether card value is in the certification authentication set that browser service end is pushed to browser client, if so, the certification authentication is logical
It crosses, browser client receives the certificate, and carries out HTTPS connection according to the certificate, if it is not, security alarm information is then popped up,
To prompt user to ignore security risk, continue to access, or terminates access;If user's selection continues to access, browser clients
Termination carries out HTTPS connection by the certificate, according to the certificate, if user selects to terminate access, certification authentication failure terminates
HTTPS connection.
It is only illustrated herein with browser client access website, above-mentioned HTTPS connectivity verification method can also answer
In the program for using HTTPS connection for other, such as Internetbank client logs in website of bank, Mail Clients logs in mail clothes
Business device etc..
Those of ordinary skill in the art will appreciate that realizing all or part of the process in above-described embodiment method, being can be with
Relevant hardware is instructed to complete by computer program, the program can be stored in a computer-readable storage medium
In, the program is when being executed, it may include such as the process of the embodiment of above-mentioned each method.Wherein, the storage medium can be magnetic
Dish, CD, read-only memory (Read-Only Memory, ROM) or random access memory (Random Access
Memory, RAM) etc..
The embodiments described above only express several embodiments of the present invention, and the description thereof is more specific and detailed, but simultaneously
Limitations on the scope of the patent of the present invention therefore cannot be interpreted as.It should be pointed out that for those of ordinary skill in the art
For, without departing from the inventive concept of the premise, various modifications and improvements can be made, these belong to guarantor of the invention
Protect range.Therefore, the scope of protection of the patent of the invention shall be subject to the appended claims.
Claims (12)
1. a kind of method of HTTPS connectivity verification, comprising the following steps:
When initiating HTTPS connection request to website, the certificate of the website is obtained;
Remaining father's certificate of the certificate to the certificate and in addition to root certificate is verified;
If the certificate and remaining father's certification authentication pass through, judge the root certificate whether pre-set approval certificate
In library, if so, the certification authentication passes through, continue HTTPS connection, if it is not, then connecting to the certificate, root certificate and HTTPS
The uniform resource locator for connecing accessed website is verified, and judges the certificate, root certificate and the accessed website of HTTPS connection
Uniform resource locator whether in preconfigured certification authentication set, if so, the certification authentication passes through, continue
HTTPS connection, otherwise terminates.
2. the method according to claim 1, wherein described visit the certificate, root certificate and HTTPS connection
It asks that the uniform resource locator of website is verified, judges the unification of the certificate, root certificate and the accessed website of HTTPS connection
Whether Resource Locator is in preconfigured certification authentication set, if so, the certification authentication passes through, continues HTTPS and connects
The step of connecing, otherwise terminating include:
The cryptographic Hash of the certificate and the cryptographic Hash of root certificate are calculated, further according to the Hash of the cryptographic Hash of the certificate, root certificate
The uniform resource locator that value connects accessed website with HTTPS obtains unique validation value;
Judge that the validation value whether in preconfigured certification authentication set, if so, the certification authentication passes through, continues
HTTPS connection, otherwise terminates.
3. according to the method described in claim 2, it is characterized in that, judging the validation value not preconfigured described
After step in certification authentication set, before terminating, the method also includes:
Issue safety warning information;
Corresponding operation is executed according to the user's choice.
4. according to the method described in claim 3, it is characterized in that, the sending safety warning information includes:
In the form of pop-up or switch into new web page form issue safety warning information;
It is described according to the user's choice execute corresponding operation include:
If user's selection continues to access, the certification authentication passes through, and continues HTTPS connection, if user selects to terminate access,
The certification authentication failure, terminates HTTPS connection.
5. the method according to claim 1, wherein to website initiate HTTPS connection request the step of before,
The method also includes:
Receive the preconfigured certification authentication set of server-side push.
6. a kind of device of HTTPS connectivity verification characterized by comprising
Module being obtained, when for initiating HTTPS connection request to website, obtaining the certificate of the website;
Authentication module, remaining father's certificate for the certificate to the certificate and in addition to root certificate are verified;
Judgment module, for judging whether the root certificate sets in advance when the certificate and remaining father's certification authentication pass through
In the certificate repository for the approval set, if so, the certification authentication passes through, continue HTTPS connection, if it is not, then to the certificate, root
The uniform resource locator of certificate and the accessed website of HTTPS connection is verified, and judges the certificate, root certificate and HTTPS
The uniform resource locator of accessed website is connected whether in preconfigured certification authentication set, if so, the certificate
It is verified, continues HTTPS connection, otherwise terminate.
7. device according to claim 6, which is characterized in that the judgment module is also used to calculate the Hash of the certificate
The cryptographic Hash of value and root certificate, connects accessed website with HTTPS further according to cryptographic Hash, the cryptographic Hash of root certificate of the certificate
Uniform resource locator obtain unique validation value, and judge the validation value whether in preconfigured certification authentication collection
In conjunction, if so, the certification authentication passes through, continues HTTPS connection, otherwise terminate.
8. device according to claim 7, which is characterized in that described device further include:
Alarm module, for issuing safe police when judging the validation value not in preconfigured certification authentication set
Accuse information;
Execution module, for executing corresponding operation according to the user's choice.
9. device according to claim 8, which is characterized in that the alarm module is also used in the form of pop-up or is switched into
Enter new web page form and issues safety warning information;
If the execution module is also used to user, selection continues to access, and the certification authentication passes through, and continues HTTPS connection, with
And if user selects to terminate access, the certification authentication failure, end HTTPS connection.
10. device according to claim 6, which is characterized in that described device further include:
Receiving module, for receiving the preconfigured certificate of server-side push before initiating HTTPS connection request to website
Verifying set.
11. a kind of computer readable storage medium is stored with computer program, when the computer program is executed by processor,
So that the processor is executed such as the step of any one of claims 1 to 5 the method.
12. a kind of terminal, including memory and processor, the memory is stored with computer program, the computer program
When being executed by the processor, so that the processor is executed such as the step of any one of claims 1 to 5 the method.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410484630.0A CN105429934B (en) | 2014-09-19 | 2014-09-19 | Method and apparatus, readable storage medium storing program for executing, the terminal of HTTPS connectivity verification |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410484630.0A CN105429934B (en) | 2014-09-19 | 2014-09-19 | Method and apparatus, readable storage medium storing program for executing, the terminal of HTTPS connectivity verification |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN105429934A CN105429934A (en) | 2016-03-23 |
| CN105429934B true CN105429934B (en) | 2019-07-19 |
Family
ID=55507876
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410484630.0A Active CN105429934B (en) | 2014-09-19 | 2014-09-19 | Method and apparatus, readable storage medium storing program for executing, the terminal of HTTPS connectivity verification |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN105429934B (en) |
Families Citing this family (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| RU2635276C1 (en) * | 2016-06-24 | 2017-11-09 | Акционерное общество "Лаборатория Касперского" | Safe authentication with login and password in internet network using additional two-factor authentication |
| CN106789897B (en) * | 2016-11-15 | 2019-08-06 | 沃通电子认证服务有限公司 | Digital certificate authentication method and system for application program for mobile terminal |
| CN107819584A (en) * | 2017-10-11 | 2018-03-20 | 杭州迪普科技股份有限公司 | Digital certificate acquisition methods and device |
| CN111314085B (en) * | 2020-01-22 | 2023-05-23 | 维沃移动通信有限公司 | Digital certificate verification method and device |
Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1517827A (en) * | 2003-01-08 | 2004-08-04 | Kddi株式会社 | Identification mode of contents file producer and its program |
| CN101023401A (en) * | 2004-06-25 | 2007-08-22 | 日本电气株式会社 | Mobile terminal, resource access control system of mobile terminal, and resource access control method of mobile terminal |
| CN101141243A (en) * | 2006-09-08 | 2008-03-12 | 飞塔信息科技(北京)有限公司 | Device and method for carrying out security check and content filtering on communication data |
| CN101141447A (en) * | 2006-09-08 | 2008-03-12 | 飞塔信息科技(北京)有限公司 | HTTPS communication tunnel security check and content filtering system and method |
| CN101789065A (en) * | 2005-02-14 | 2010-07-28 | 松下电器产业株式会社 | Application executing device, managing method, and program |
| WO2011090178A1 (en) * | 2010-01-22 | 2011-07-28 | Ricoh Company, Ltd. | Electronic apparatus and introducing method thereby |
| CN102546594A (en) * | 2011-12-07 | 2012-07-04 | 北京星网锐捷网络技术有限公司 | Network resource access control method, device and related equipment |
| CN103747001A (en) * | 2014-01-14 | 2014-04-23 | 中电长城(长沙)信息技术有限公司 | Audio-access mobile payment terminal based on security algorithm and communication method based on security algorithm |
-
2014
- 2014-09-19 CN CN201410484630.0A patent/CN105429934B/en active Active
Patent Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1517827A (en) * | 2003-01-08 | 2004-08-04 | Kddi株式会社 | Identification mode of contents file producer and its program |
| CN101023401A (en) * | 2004-06-25 | 2007-08-22 | 日本电气株式会社 | Mobile terminal, resource access control system of mobile terminal, and resource access control method of mobile terminal |
| CN101789065A (en) * | 2005-02-14 | 2010-07-28 | 松下电器产业株式会社 | Application executing device, managing method, and program |
| CN101141243A (en) * | 2006-09-08 | 2008-03-12 | 飞塔信息科技(北京)有限公司 | Device and method for carrying out security check and content filtering on communication data |
| CN101141447A (en) * | 2006-09-08 | 2008-03-12 | 飞塔信息科技(北京)有限公司 | HTTPS communication tunnel security check and content filtering system and method |
| WO2011090178A1 (en) * | 2010-01-22 | 2011-07-28 | Ricoh Company, Ltd. | Electronic apparatus and introducing method thereby |
| CN102546594A (en) * | 2011-12-07 | 2012-07-04 | 北京星网锐捷网络技术有限公司 | Network resource access control method, device and related equipment |
| CN103747001A (en) * | 2014-01-14 | 2014-04-23 | 中电长城(长沙)信息技术有限公司 | Audio-access mobile payment terminal based on security algorithm and communication method based on security algorithm |
Also Published As
| Publication number | Publication date |
|---|---|
| CN105429934A (en) | 2016-03-23 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US9641513B2 (en) | Methods and systems for controlling mobile terminal access to a third-party server | |
| US9398011B2 (en) | Location determination for user authentication | |
| WO2016127797A1 (en) | User information acquisition method, apparatus, and server | |
| JP5719871B2 (en) | Method and apparatus for preventing phishing attacks | |
| CN104798076B (en) | Privacy using polymerization security engine for Internet Service Provider strengthens key management | |
| JP5595586B2 (en) | Secure and efficient login and transaction authentication using iPhone ™ and other smart mobile communication devices | |
| US8918853B2 (en) | Method and system for automatic recovery from lost security token on embedded device | |
| CN106716960B (en) | User authentication method and system | |
| US20150222435A1 (en) | Identity generation mechanism | |
| US9240991B2 (en) | Anti-phishing system for cross-domain web browser single sign-on | |
| US20160255067A1 (en) | Methods, systems, and media for authenticating users using multiple services | |
| CN104519050B (en) | Login method and login system | |
| WO2016078182A1 (en) | Authorization method, device and system for sensitive data | |
| CN104113549A (en) | Platform authorization method, platform server side, application client side and system | |
| JP2011530740A (en) | Form entry and automatic password generation using digital ID | |
| US20170230351A1 (en) | Method and system for authenticating a user | |
| CN105429934B (en) | Method and apparatus, readable storage medium storing program for executing, the terminal of HTTPS connectivity verification | |
| US11770379B1 (en) | Proxy service for two-factor authentication | |
| CN113994330A (en) | System and method for single sign-on of application program | |
| CA2844888A1 (en) | System and method of extending a host website | |
| CN109729045B (en) | Single sign-on method, system, server and storage medium | |
| CN112260983B (en) | Identity authentication method, device, equipment and computer readable storage medium | |
| CN115022047B (en) | Account login method and device based on multi-cloud gateway, computer equipment and medium | |
| US20230403562A1 (en) | Systems and methods for verified communication between mobile applications | |
| CN108141434B (en) | Providing multi-factor authentication credentials via device notifications |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |