CN109905243B - Method and server for processing digital certificate updating request - Google Patents
Method and server for processing digital certificate updating request Download PDFInfo
- Publication number
- CN109905243B CN109905243B CN201711308434.8A CN201711308434A CN109905243B CN 109905243 B CN109905243 B CN 109905243B CN 201711308434 A CN201711308434 A CN 201711308434A CN 109905243 B CN109905243 B CN 109905243B
- Authority
- CN
- China
- Prior art keywords
- digital certificate
- request
- updating
- abstract
- processing
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Abstract
The embodiment of the invention provides a method and a server for processing a digital certificate updating request, which are used for solving the technical problem that a digital certificate management center in the prior art has poor processing effect on the digital certificate updating request. The method comprises the following steps: receiving a digital certificate updating request sent by terminal equipment, wherein the digital certificate updating request carries information of a digital certificate which is requested to be updated by the terminal equipment; generating an update request abstract corresponding to the digital certificate update request according to the information of the digital certificate; wherein the request digest is used to uniquely identify the digital certificate update request; searching whether a request abstract matched with the updating request abstract exists in a cache queue; the cache queue stores a request abstract corresponding to a historical digital certificate updating request; and if the digital certificate does not exist, updating the digital certificate according to the digital certificate updating request.
Description
Technical Field
The present invention relates to the field of communication security, and in particular, to a method and a server for processing a digital certificate update request.
Background
Digital certificates are a series of data which mark identity information of communication parties in network communication and are issued by an Authority-Certificate Authority (CA) center, and people can use the digital certificates in the network to identify the identity of the communication parties.
At present, digital certificates are mainly managed and applied through mobile equipment, and the mobile equipment can relate to a scene of updating the digital certificates of mobile phone terminals in the process of managing the digital certificates. When the mobile device communicates with the digital certificate management center through a wireless network, network failures such as poor network communication quality or network communication interruption often occur, and therefore, a user of the mobile device may need to try to resend an updated certificate request many times; of course, under normal circumstances, the mobile device user may send repeated update certificate requests multiple times due to misoperation when sending the update certificate request. After receiving a certificate updating request repeatedly sent by a mobile device, if the certificate updating request is improperly processed, the digital certificate management center may perform error processing on the digital certificate updating. For example, the digital certificate management center may repeatedly process the digital certificate, which may result in an amplification of the validity period of the updated certificate, and an expected deviation of the update; alternatively, in some processes requiring re-certification after a digital certificate revocation, subsequent repeated requests may discover that the renewed certificate has been revoked, thereby creating a situation in which the renewed certificate request is incorrect.
Therefore, the effect of processing the digital certificate update request by the digital certificate management center in the prior art is poor.
Disclosure of Invention
The embodiment of the invention provides a method and a server for processing a digital certificate updating request, which are used for solving the technical problem that a digital certificate management center in the prior art has poor processing effect on the digital certificate updating request.
In a first aspect, an embodiment of the present invention provides a method for processing a digital certificate update request, including the following steps:
receiving a digital certificate updating request sent by terminal equipment, wherein the digital certificate updating request carries information of a digital certificate which is requested to be updated by the terminal equipment;
generating an update request abstract corresponding to the digital certificate update request according to the information of the digital certificate; wherein the request digest is used to uniquely identify the digital certificate update request;
searching whether a request abstract matched with the updating request abstract exists in a cache queue; the cache queue stores a request abstract corresponding to a historical digital certificate updating request;
and if the digital certificate does not exist, updating the digital certificate according to the digital certificate updating request.
Optionally, if the digital certificate does not exist, updating the digital certificate according to the digital certificate update request includes:
if the cache queue is determined not to have the request abstract matched with the updating request abstract, verifying the digital certificate according to the information of the digital certificate in the digital certificate updating request;
and determining that the digital certificate is verified, and updating the digital certificate.
Optionally, if not, before updating the digital certificate according to the digital certificate update request, the method further includes:
storing the summary of the update request into the cache queue;
after updating the digital certificate in accordance with the digital certificate update request, the method further comprises:
and associating the update request summary with the updated digital certificate.
Optionally, after searching for whether a request digest matching the update request digest exists in the cache queue, the method further includes:
if a request abstract successfully matched with the updating request abstract exists in the cache queue, determining a target request abstract successfully matched with the updating request abstract;
acquiring the processing state of the target request abstract; the processing state is used for indicating the processing condition of a historical digital certificate updating request corresponding to the target request abstract;
and generating and sending feedback information corresponding to the digital certificate updating request to the terminal equipment according to the processing state.
Optionally, generating and sending feedback information corresponding to the digital certificate update request to the terminal device according to the processing state includes:
if the processing state is a processing progress state, generating and sending feedback information for indicating that the digital certificate updating request is in the processing progress state to the mobile terminal; or
And if the processing state is the ending state, acquiring the updated digital certificate corresponding to the target request abstract, and generating and sending feedback information including the updated digital certificate to the mobile terminal.
Optionally, the information of the digital certificate includes a serial number, a public key, and security subject information.
In a second aspect, the present invention provides a server in real time, comprising:
the system comprises a receiving module, a sending module and a receiving module, wherein the receiving module is used for receiving a digital certificate updating request sent by terminal equipment, and the digital certificate updating request carries information of a digital certificate which is requested to be updated by the terminal equipment;
the generating module is used for generating an updating request abstract corresponding to the digital certificate updating request according to the information of the digital certificate; wherein the request digest is used to uniquely identify the digital certificate update request;
the operation module is used for searching whether a request abstract matched with the update request abstract exists in the cache queue; the cache queue stores a request abstract corresponding to a historical digital certificate updating request;
and the updating module is used for updating the digital certificate according to the digital certificate updating request if the cache queue does not have the request abstract matched with the updating request abstract.
Optionally, the update module is configured to:
if the cache queue does not have the request abstract matched with the updating request abstract, verifying the digital certificate according to the information of the digital certificate in the digital certificate updating request;
and determining that the digital certificate is verified, and updating the digital certificate.
Optionally, the operation module is further configured to:
before the digital certificate is updated according to the digital certificate updating request, storing the summary of the updating request into the cache queue; and associating the update request digest with the updated digital certificate after updating the digital certificate according to the digital certificate update request.
Optionally, the operation module is further configured to:
after searching whether a request abstract matched with the updating request abstract exists in a cache queue or not, if the request abstract successfully matched with the updating request abstract exists in the cache queue, determining a target request abstract successfully matched with the updating request abstract;
acquiring the processing state of the target request abstract; the processing state is used for indicating the processing condition of a historical digital certificate updating request corresponding to the target request abstract;
and generating and sending feedback information corresponding to the digital certificate updating request to the terminal equipment according to the processing state.
Optionally, the operation module is further configured to:
if the processing state is a processing progress state, generating and sending feedback information for indicating that the digital certificate updating request is in the processing progress state to the mobile terminal; or
And if the processing state is the ending state, acquiring the updated digital certificate corresponding to the target request abstract, and generating and sending feedback information including the updated digital certificate to the mobile terminal.
Optionally, the information of the digital certificate includes a serial number, a public key, and security subject information.
In a third aspect, an embodiment of the present invention provides a computer apparatus, which includes a processor, and the processor is configured to implement the method according to the first aspect when executing a computer program stored in a memory.
In a fourth aspect, the present invention provides a computer-readable storage medium storing computer instructions, which when executed on a computer, cause the computer to perform the method according to the first aspect.
In the embodiment of the invention, when a digital certificate updating request of terminal equipment is received, an updating request abstract corresponding to the updating request is generated according to the digital certificate information carried by the digital certificate updating request, whether the digital certificate updating request is a request repeatedly submitted by the terminal equipment can be determined by determining whether the same updating request abstract exists in a cache queue, and the digital certificate can be updated according to the digital certificate updating request when the same updating request abstract does not exist in the cache queue, so that the condition of error processing of the repeatedly submitted digital certificate updating request is avoided, and the accuracy of updating the digital certificate is improved.
Drawings
FIG. 1 is a flow chart of a method of processing a digital certificate update request in an embodiment of the present invention;
FIG. 2 is a flowchart illustrating a process for handling an update certificate request according to an embodiment of the present invention;
FIG. 3 is a block diagram of a server that processes a digital certificate update request in an embodiment of the present invention;
FIG. 4 is a block diagram of a computer device according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention clearer, the present invention will be described in further detail with reference to the accompanying drawings, and it is apparent that the described embodiments are only a part of the embodiments of the present invention, not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The technical solution described herein may be applied to a digital certificate management center system, and specifically may be a server used in the digital certificate management center system, such as a CA center server.
First, some terms in the embodiments of the present invention are explained so as to be easily understood by those skilled in the art.
(1) The server may be a server in a machine room of a CA certification authority, or a server in an enterprise self-built CA, which may be used to manage the digital certificate, for example, the server may issue a certificate for the public key of the user through a CA system, or the server may update the corresponding digital certificate according to a certificate update request of the mobile terminal, and so on.
(2) The terminal device may be a device having a wireless communication function. The terminal device can connect and communicate with the server through a wireless communication function, for example, to send a digital certificate update request to the server. The terminal device may communicate with a core Network via a Radio Access Network (RAN). The Terminal Device may include a User Equipment (UE), a wireless Terminal Device, a Mobile Terminal Device, a Subscriber Unit (Subscriber Unit), a Subscriber Station (Subscriber Station), a Mobile Station (Mobile), a Remote Station (Remote Station), an Access Point (AP), a Remote Terminal Device (Remote Terminal), an Access Terminal Device (Access Terminal), a User Terminal Device (User Terminal), a User Agent (User Agent), or a User Equipment (User Device), etc. For example, mobile phones (or so-called "cellular" phones), computers with mobile terminal equipment, portable, pocket, hand-held, computer-included or vehicle-mounted mobile devices, smart wearable devices, and the like may be included. For example, Personal Communication Service (PCS) phones, cordless phones, Session Initiation Protocol (SIP) phones, Wireless Local Loop (WLL) stations, Personal Digital Assistants (PDAs), smart watches, smart helmets, smart glasses, smart bracelets, and the like. Also included are constrained devices, such as devices that consume less power, or devices that have limited storage capabilities, or devices that have limited computing capabilities, etc. Including, for example, bar codes, Radio Frequency Identification (RFID), sensors, Global Positioning Systems (GPS), laser scanners, and other information sensing devices.
The technical solutions of the embodiments of the present invention will be described below with reference to the accompanying drawings and preferred embodiments.
Example one
As shown in fig. 1, an embodiment of the present invention provides a method for processing a digital certificate update request, where the method may be applied to the terminal device, and the method may be described as follows:
s11: the server receives a digital certificate updating request sent by the terminal equipment, wherein the digital certificate updating request carries information of a digital certificate which is requested to be updated by the terminal equipment.
In the embodiment of the invention, the server in the digital certificate management center system can receive the digital certificate updating request sent by the terminal equipment. In practical applications, when a network is abnormal, the terminal device may repeatedly send the same request for updating the certificate for many times, or, when the network is normal, the user may operate incorrectly due to improper design of the front-end device, so that the request for repeatedly sending the certificate for updating may exist for many times.
In the embodiment of the present invention, the information of the digital certificate carried in the digital certificate update request may include basic information and other information, where the basic information includes information such as a serial number, a security subject, and a public key of the certificate, and the other information may include a timestamp generated by the digital certificate update request, a validity period and a valid state of the digital certificate, and the like.
S12: the server generates an update request abstract corresponding to the digital certificate update request according to the information of the digital certificate; wherein the update request digest is used to uniquely identify the corresponding digital certificate update request.
In the embodiment of the invention, after receiving the digital certificate updating request, the server can acquire the information of the digital certificate in the digital certificate updating request, including the serial number of the digital certificate, the digital certificate theme and the public key of the digital certificate.
Furthermore, the server can generate an update request digest corresponding to the digital certificate update request by performing a hash operation on the obtained serial number, the digital certificate topic and the public key of the digital certificate. The update request digest can uniquely identify the digital certificate requested to be updated by the digital certificate update request, that is, the digital certificate has uniqueness, the update request digest used for characterizing the digital certificate update request can be used for identifying the update request uniquely, and the update requests with the same request digest are the update requests corresponding to the same digital certificate.
In the embodiment of the invention, the generated update request digests are the same according to the information of the digital certificate carried by the update request aiming at the same digital certificate (with the same serial number). Therefore, the server can subsequently determine whether the received digital certificate update request is a repeatedly submitted update request according to the digest corresponding to the digital certificate update request, so as to perform corresponding processing according to the determination result.
S13: the server searches whether a request abstract matched with the update request abstract exists in the cache queue; the cache queue stores a request summary corresponding to the historical digital certificate update request.
In the embodiment of the present invention, the cache queue may be an update request digest that is generated and cached by the server according to the update requests received in history, and each update request digest in the cache queue has uniqueness and corresponds to an update request for the same valid digital certificate.
In practical application, the request digest stored in the cache queue may be a history request digest generated by the server according to a digital certificate update request received in history, for example, the request digest generated by the server according to a digital certificate update request received within a preset time period from the current time, and the range of the preset time period may have a large time window range, which can be completely covered, thereby avoiding a situation that the certificate update request is repeatedly submitted.
The server can search whether the same request abstract exists in the cache queue according to the update request abstract so as to determine whether the currently received digital certificate update request is an update request repeatedly sent by the mobile terminal, and the request abstract corresponding to the same update request has consistency, so that when the repeated submission request is judged, only the same request abstract needs to be searched in the cache queue, the request abstract does not need to depend on a user submitting the request, and the efficiency and the accuracy of determining the repeated submission request are effectively improved.
S14: and if the digital certificate does not exist, the server updates the digital certificate according to the digital certificate updating request.
In the embodiment of the invention, if the server determines that the cache queue does not include the request abstract which is the same as the update request abstract by searching the cache queue, the received digital certificate update request can be considered not to be the repeatedly submitted update request, and at the moment, the server can store the update request abstract into the cache queue and update the corresponding digital certificate according to the digital certificate update request.
When the digital certificate is updated, the digital certificate to be updated may be verified according to the information of the digital certificate in the digital certificate update request, so as to determine whether the digital certificate requested to be updated by the terminal device is a valid certificate.
Specifically, when verifying the validity of the digital certificate, the validity period of the digital certificate is verified and the valid state of the digital certificate is verified. If the digital certificate is determined to be within the valid period and the digital certificate is in a valid state, the digital certificate is a valid certificate, otherwise, the digital certificate is an invalid certificate.
And then, if the server determines that the digital certificate corresponding to the digital certificate updating request is a valid certificate, updating the digital certificate according to the request. For example, the digital certificate update request may be generated into a corresponding update service, and the update service is submitted to the CA center to update the corresponding digital certificate, and meanwhile, the updated certificate is revoked, and a new digital certificate is generated.
And finally, the server can obtain the updated digital certificate and send the updated digital certificate to the terminal equipment.
In the embodiment of the invention, after the server updates the digital certificate, the association between the updated digital certificate and the request summary for updating can be established, so that the corresponding digital certificate can be determined by the request summary in the following.
After S13, if it is determined that there is a request digest successfully matching with the update request digest in the cache queue, it indicates that the digital certificate update request is an update request repeatedly issued by the terminal device, that is, the server has received an updated historical digital certificate update request for the same digital certificate within a previous preset time period.
Since the server may have processed previously received historical digital certificate update requests, such as updating digital certificates based on the request, and so forth. The server may obtain a target request digest successfully matched with the update request digest in the cache queue, and determine a processing state corresponding to the target request digest. Furthermore, feedback information corresponding to the digital certificate update request may be determined according to the processing state, and the feedback information may indicate a corresponding processing condition of the server for the digital certificate update request, or may indicate an update result corresponding to the digital certificate update request. When the server processes the digital certificate update request according to the processing state of the target request summary, the following two situations are included but not limited:
the first condition is as follows: the processing state of the request digest is the in-process state.
Namely, the server is processing the digital certificate update request corresponding to the history request digest received in the history, at this time, the server may generate and send feedback information indicating that the digital certificate update request is in a processing progress state to the terminal device, that is, return prompt information being processed to the terminal device.
Case two: the processing state of the request digest is an end state.
That is, it indicates that the server has completed processing the historical update request corresponding to the target request digest, and at this time, the server may obtain the updated digital certificate corresponding to the target request digest according to the association relationship between the request digest and the digital certificate. Further, the server may generate and transmit feedback information including the updated digital certificate to the mobile terminal according to the updated digital certificate.
Therefore, when the server determines that the target request digest which is the same as the update request digest already exists in the cache queue, the server determines the feedback information for the current digital certificate update request by inquiring the processing state corresponding to the target request digest to indicate the processing condition for the digital certificate update request, and the server does not need to repeatedly process the digital certificate according to the update request repeatedly sent by the terminal device, so that only one update request for the digital certificate is guaranteed to be processed at any time.
It should be noted that, in the embodiment of the present invention, in a case that it is determined that the cache queue does not include a request digest that matches the update request digest, the server may further set, when starting to process the digital certificate update request, a processing state of the update request digest stored in the cache queue to "processing being performed", and further, when ending to process the digital certificate update request, may change the processing state of the update request digest from "processing being performed" to "ending processing", and establish a connection between the update request digest and the updated new certificate. And under the condition that the cache queue is determined to include the request abstract matched with the update request abstract, the update request abstract and the target request abstract can have the same abstract identification, the terminal can determine corresponding feedback information according to the processing state of the target request abstract, and meanwhile, the update request abstract can be deleted or discarded.
The following illustrates an application scenario of the technical solution in the embodiment of the present invention by way of example.
As shown in fig. 2, a server in the digital certificate center system receives an update certificate request for a digital certificate sent by a user through a mobile terminal APP, and further obtains information of the digital certificate from the request, including information such as a serial number, a security subject, and a public key, and generates an update request digest.
Furthermore, the server searches whether the same request digest exists in the cache queue according to the update request digest to determine whether the update certificate request is a request repeatedly submitted by the mobile terminal, and the following two conditions exist:
the cache queue does not have the same request abstract, which indicates that the certificate updating request is not a request repeatedly submitted by the mobile terminal.
At this time, the server stores the digest of the update request in the cache queue, submits the certificate update request to subsequent processing, for example, verifies the validity of the digital certificate through RA, updates the digital certificate through the CA center when it is determined that the digital certificate is valid, and associates the updated digital certificate with the cached digest of the corresponding update request.
In the process of processing the certificate update request, the server may also feed back the result of the request processing to the mobile terminal, for example, when the server starts to process the update certificate request, set the processing state corresponding to the update request digest to be processing, for example, set the state flag of the processing state to "1 (indicating a normal processing state)", and feed back prompt information, for example, "the update certificate request is being processed", to the mobile terminal according to the state flag.
Further, when the server completes the request for the update certificate, the server sets the processing state corresponding to the digest of the update request as the end of processing, for example, changes the state flag of the processing state from "1" to "0 (indicating that processing is completed)", and feeds back information representing the processing result, for example, information including the request for the update certificate and/or information indicating that the update processing is completed, to the mobile terminal.
And the same request abstract exists in the cache queue, which indicates that the certificate updating request is a request repeatedly submitted by the mobile terminal.
At this time, the server may further check a processing state corresponding to the same request digest that is cached, and when the processing state is processing, return the prompt information that the update request is processing; when the processing state is the finished processing, the result that the digital certificate has been updated can be fed back to the mobile terminal.
Example two
Based on the same inventive concept, an embodiment of the present invention further provides a server, where the server may perform the method for processing the digital certificate update request in the first embodiment. As shown in fig. 3, the server includes a receiving module 21, a generating module 22, an operating module 23, and an updating module 24.
The receiving module 21 may be configured to receive a digital certificate update request sent by a terminal device, where the digital certificate update request carries information of a digital certificate requested to be updated by the terminal device.
The generating module 22 may be configured to generate a request digest corresponding to the digital certificate update request according to the information of the digital certificate; wherein the request digest is used to uniquely identify the digital certificate update request.
The operation module 23 may be configured to find whether a request digest matching the update request digest exists in the cache queue; wherein, the cache queue stores a request summary corresponding to the historical digital certificate update request.
The updating module 24 may be configured to update the digital certificate according to the digital certificate update request if the cache queue does not have a request digest matching the update request digest.
Optionally, the update module 24 is configured to:
if the cache queue does not have the request abstract matched with the updating request abstract, verifying the digital certificate according to the information of the digital certificate in the digital certificate updating request;
and determining that the digital certificate is verified, and updating the digital certificate.
Optionally, the operation module 23 is further configured to:
storing the update request digest into the cache queue before updating the digital certificate according to the digital certificate update request; and associating the update request digest with the updated digital certificate after updating the digital certificate according to the digital certificate update request.
Optionally, the operation module 23 is further configured to:
after searching whether a request abstract matched with the updating request abstract exists in a cache queue or not, if the request abstract successfully matched with the updating request abstract exists in the cache queue, determining a target request abstract successfully matched with the updating request abstract;
acquiring the processing state of the target request abstract; the processing state is used for indicating the processing condition of a historical digital certificate updating request corresponding to the target request abstract;
and generating and sending feedback information corresponding to the digital certificate updating request to the terminal equipment according to the processing state.
Optionally, the operation module 23 is further configured to:
if the processing state is a processing progress state, generating and sending feedback information for indicating that the digital certificate updating request is in the processing progress state to the mobile terminal; or
And if the processing state is an end state, acquiring an updated digital certificate corresponding to the target request abstract, and generating and sending feedback information including the updated digital certificate to the mobile terminal.
Optionally, the information of the digital certificate includes a serial number, a public key, and security subject information.
EXAMPLE III
In an embodiment of the present invention, a computer apparatus is further provided, which has a structure as shown in fig. 4, and includes a processor 31 and a memory 32, where the processor 31 is configured to implement, when executing a computer program stored in the memory 32, the steps of the method for processing a digital certificate update request provided in the first embodiment of the present invention.
Optionally, the processor 31 may specifically be a central processing unit, an Application Specific Integrated Circuit (ASIC), one or more Integrated circuits for controlling program execution, a hardware Circuit developed by using a Field Programmable Gate Array (FPGA), or a baseband processor.
Optionally, the processor 31 may include at least one processing core.
Optionally, the electronic device further includes a Memory 32, and the Memory 32 may include a Read Only Memory (ROM), a Random Access Memory (RAM), and a disk Memory. The memory 32 is used for storing data required by the processor 31 in operation. The number of the memory 32 is one or more.
Example four
The embodiment of the present invention further provides a computer-readable storage medium, where the computer-readable storage medium stores computer instructions, and when the computer instructions are executed on a computer, the steps of the method for processing a digital certificate update request according to an embodiment of the present invention may be implemented.
In the embodiments of the present invention, it should be understood that the disclosed method and server for processing a digital certificate update request may be implemented in other ways. For example, the above-described embodiments of the apparatus are merely illustrative, and for example, a division of a unit is merely a logical division, and an actual implementation may have another division, for example, a plurality of units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, devices or units, and may be in an electrical or other form.
The functional units in the embodiments of the present invention may be integrated into one processing unit, or each unit may be an independent physical module.
The integrated unit, if implemented in the form of a software functional unit and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, all or part of the technical solutions of the embodiments of the present invention may be embodied in the form of a software product, which is stored in a storage medium and includes instructions for causing a computer device, such as a personal computer, a server, or a network device, or a Processor (Processor), to execute all or part of the steps of the methods of the embodiments of the present invention. And the aforementioned storage medium includes: various media capable of storing program codes, such as a Universal Serial Bus flash drive (USB), a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk, or an optical disk.
The above embodiments are only used to describe the technical solutions of the present invention in detail, but the above embodiments are only used to help understanding the method of the embodiments of the present invention, and should not be construed as limiting the embodiments of the present invention. Variations or substitutions that may be readily apparent to one skilled in the art are intended to be included within the scope of the embodiments of the present invention.
Claims (12)
1. A method of processing a digital certificate update request, comprising:
receiving a digital certificate updating request sent by terminal equipment, wherein the digital certificate updating request carries information of a digital certificate which is requested to be updated by the terminal equipment;
generating an update request abstract corresponding to the digital certificate update request according to the information of the digital certificate; wherein the update request digest is used to uniquely identify the digital certificate update request;
searching whether a request abstract matched with the updating request abstract exists in a cache queue; the cache queue stores a request abstract corresponding to a historical digital certificate update request;
if not, updating the digital certificate according to the digital certificate updating request;
if a request abstract successfully matched with the updating request abstract exists in the cache queue, determining a target request abstract successfully matched with the updating request abstract;
acquiring the processing state of the target request abstract; the processing state is used for indicating the processing condition of a historical digital certificate updating request corresponding to the target request abstract;
generating and sending feedback information corresponding to the digital certificate updating request to the terminal equipment according to the processing state;
wherein, the information carried in the feedback information includes: information indicating respective handling conditions of the digital certificate update request; or, the digital certificate update request corresponds to an update result;
the information of the processing condition includes a processing progress state and a processing end state, and for the processing progress state, the feedback information includes state information indicating that the update request is being processed, and for the processing end state, the feedback information includes the updated digital certificate.
2. The method of claim 1, wherein if not, updating the digital certificate in accordance with the digital certificate update request comprises:
if the cache queue is determined not to have the request abstract matched with the updating request abstract, verifying the digital certificate according to the information of the digital certificate in the digital certificate updating request;
and determining that the digital certificate is verified, and updating the digital certificate.
3. The method of claim 2, wherein if not present, prior to updating the digital certificate in accordance with the digital certificate update request, the method further comprises:
storing the summary of the update request into the cache queue;
after updating the digital certificate in accordance with the digital certificate update request, the method further comprises:
and associating the update request summary with the updated digital certificate.
4. The method of claim 1, wherein generating and sending feedback information corresponding to the digital certificate update request to the terminal device according to the processing status comprises:
if the processing state is a processing progress state, generating and sending feedback information for indicating that the digital certificate updating request is in the processing progress state to the terminal equipment; or
And if the processing state is the ending state, acquiring the updated digital certificate corresponding to the target request abstract, and generating and sending feedback information including the updated digital certificate to the terminal equipment.
5. The method of claim 1, wherein the information of the digital certificate includes a serial number, a public key, and security subject information.
6. A server, comprising:
the system comprises a receiving module, a sending module and a receiving module, wherein the receiving module is used for receiving a digital certificate updating request sent by terminal equipment, and the digital certificate updating request carries information of a digital certificate which is requested to be updated by the terminal equipment;
the generating module is used for generating an updating request abstract corresponding to the digital certificate updating request according to the information of the digital certificate; wherein the request digest is used to uniquely identify the digital certificate update request;
the operation module is used for searching whether a request abstract matched with the updating request abstract exists in the cache queue; the cache queue stores a request abstract corresponding to a historical digital certificate updating request;
the updating module is used for updating the digital certificate according to the digital certificate updating request if the cache queue does not have a request abstract matched with the updating request abstract;
wherein the operation module is further configured to: after searching whether a request abstract matched with the updating request abstract exists in a cache queue or not, if the request abstract successfully matched with the updating request abstract exists in the cache queue, determining a target request abstract successfully matched with the updating request abstract; acquiring the processing state of the target request abstract; the processing state is used for indicating the processing condition of a historical digital certificate updating request corresponding to the target request abstract; generating and sending feedback information corresponding to the digital certificate updating request to the terminal equipment according to the processing state;
the information carried in the feedback information includes: information indicating respective handling conditions of the digital certificate update request; or, the digital certificate update request corresponds to an update result;
the information of the processing condition includes a processing progress state and a processing end state, and for the processing progress state, the feedback information includes state information indicating that the update request is being processed, and for the processing end state, the feedback information includes the updated digital certificate.
7. The server of claim 6, wherein the update module is to:
if the cache queue is determined not to have the request abstract matched with the updating request abstract, verifying the digital certificate according to the information of the digital certificate in the digital certificate updating request;
and determining that the digital certificate is verified, and updating the digital certificate.
8. The server of claim 7, wherein the operations module is further to:
before the digital certificate is updated according to the digital certificate updating request, storing the summary of the updating request into the cache queue; and associating the update request digest with the updated digital certificate after updating the digital certificate according to the digital certificate update request.
9. The server of claim 6, wherein the operations module is further to:
if the processing state is a processing progress state, generating and sending feedback information for indicating that the digital certificate updating request is in the processing progress state to the terminal equipment; or
And if the processing state is the ending state, acquiring the updated digital certificate corresponding to the target request abstract, and generating and sending feedback information including the updated digital certificate to the terminal equipment.
10. The server according to claim 6, wherein the information of the digital certificate includes a serial number, a public key, and security subject information.
11. A computer arrangement, characterized in that the computer arrangement comprises a processor for implementing the method of any one of claims 1-5 when executing a computer program stored in a memory.
12. A computer-readable storage medium having stored thereon computer instructions which, when executed on a computer, cause the computer to perform the method of any one of claims 1-5.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201711308434.8A CN109905243B (en) | 2017-12-11 | 2017-12-11 | Method and server for processing digital certificate updating request |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201711308434.8A CN109905243B (en) | 2017-12-11 | 2017-12-11 | Method and server for processing digital certificate updating request |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN109905243A CN109905243A (en) | 2019-06-18 |
| CN109905243B true CN109905243B (en) | 2022-06-03 |
Family
ID=66942322
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201711308434.8A Active CN109905243B (en) | 2017-12-11 | 2017-12-11 | Method and server for processing digital certificate updating request |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109905243B (en) |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112039979B (en) * | 2020-08-27 | 2023-06-20 | 中国平安财产保险股份有限公司 | Distributed data cache management method, device, equipment and storage medium |
Family Cites Families (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101035135A (en) * | 2007-04-27 | 2007-09-12 | 清华大学 | Digital certificate system applicable to the no/weak local storage client system |
| KR101393012B1 (en) * | 2007-07-03 | 2014-05-12 | 삼성전자주식회사 | System and method for management of license |
| JP6573880B2 (en) * | 2014-06-16 | 2019-09-11 | 富士通株式会社 | Update program and method, and management program and method |
| CN105812388B (en) * | 2016-05-13 | 2018-12-07 | 中国农业银行股份有限公司 | A kind of management method and system of user certificate and private key |
| CN106789004A (en) * | 2016-12-15 | 2017-05-31 | 国云科技股份有限公司 | A kind of network communication method of highly effective and safe |
-
2017
- 2017-12-11 CN CN201711308434.8A patent/CN109905243B/en active Active
Also Published As
| Publication number | Publication date |
|---|---|
| CN109905243A (en) | 2019-06-18 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| JP5989807B2 (en) | Software installation method, device and system | |
| CN108810116B (en) | Message processing method and related product | |
| CN109040099B (en) | Verification method, terminal and system for application | |
| US11778458B2 (en) | Network access authentication method and device | |
| CN110393019B (en) | Method and related device for updating firmware | |
| CN110266658B (en) | Information updating method and device, electronic equipment and storage medium | |
| WO2018223309A1 (en) | Method for verifying and updating euicc firmware version and associated device | |
| US20140302779A1 (en) | Method, device and system for establishing conversation relationship | |
| CN108023881B (en) | Application login method, device, medium and electronic equipment | |
| US9594820B2 (en) | Apparatus, and associated method, for synchronizing a group of data objects | |
| CN109995876B (en) | File transmission method, device, system and computer storage medium | |
| CN112636901B (en) | Identity recognition method, device, storage medium and electronic equipment | |
| CN109905243B (en) | Method and server for processing digital certificate updating request | |
| US20110131630A1 (en) | Service access method and device, service authentication device and terminal based on temporary authentication | |
| CN107342869B (en) | Credible roll calling method and system based on intelligent terminal | |
| JP6566456B1 (en) | Display control system, communication apparatus, display control method, and display control program | |
| WO2023240993A1 (en) | Abnormal positioning solving method and related apparatus | |
| CN104331649A (en) | Identity recognition system and method based on network connection | |
| CN113691520B (en) | Method and device for acquiring streaming media information, storage medium and electronic device | |
| CN107241209B (en) | Data transmission method and equipment | |
| CN111277557B (en) | Real-time communication method, equipment and storage medium | |
| CN110493735B (en) | Short message processing method and device | |
| CN115589571B (en) | Device retrieving method, user equipment, ground satellite equipment and storage medium | |
| CN114143260B (en) | Data transmission system and method, electronic device and storage medium | |
| CN111859406B (en) | Method, device and system for remote authentication |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |