CN114124582A - Method for carrying out SSL/TLS protocol communication by using key-free certificate - Google Patents
Method for carrying out SSL/TLS protocol communication by using key-free certificate Download PDFInfo
- Publication number
- CN114124582A CN114124582A CN202210097277.5A CN202210097277A CN114124582A CN 114124582 A CN114124582 A CN 114124582A CN 202210097277 A CN202210097277 A CN 202210097277A CN 114124582 A CN114124582 A CN 114124582A
- Authority
- CN
- China
- Prior art keywords
- certificate
- sub
- key
- root
- setting
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 38
- 238000004806 packaging method and process Methods 0.000 claims abstract description 4
- 230000008520 organization Effects 0.000 claims description 4
- 230000006870 function Effects 0.000 description 3
- 238000010586 diagram Methods 0.000 description 2
- 238000004519 manufacturing process Methods 0.000 description 2
- 101100217298 Mus musculus Aspm gene Proteins 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 238000009434 installation Methods 0.000 description 1
- 238000004088 simulation Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0823—Network architectures or network communication protocols for network security for authentication of entities using certificates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/16—Implementing security features at a particular protocol layer
- H04L63/166—Implementing security features at a particular protocol layer at the transport layer
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3263—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
Abstract
The invention discloses a method for carrying out SSL/TLS protocol communication by a key-free certificate, which belongs to the technical field of communication and comprises the steps of generating a root certificate by a java.security.KeyStore software package provided by jdk, setting both the root certificate and a root certificate private key into RootKeystore to generate a sub-certificate, issuing the sub-certificate by a root certificate public key, setting the issued sub-certificate, the sub-certificate private key and the root certificate into Keystore, returning the issued sub-certificate, the sub-certificate private key and the root certificate to a caller, packaging a process into a user's jar file, providing java API service, solving the technical problem that a key object instance is directly acquired by API and an entity file is not needed, and reducing the code amount in the code level.
Description
Technical Field
The invention belongs to the technical field of communication, and relates to a method for carrying out SSL/TLS protocol communication by a key-free certificate.
Background
With the importance of network communication security, the mainstream is communicated through TLS/SSL encryption, and the mainstream such as https, ssh, slpap and the like uses TLS/SSL encryption. In addition, software-based communications such as kubernets are also based on the TLS/SSL protocol.
The prior art comprises the following specific steps:
1. currently, a TLS/SSL server is deployed, and generally, the certificate is purchased in two ways, or a free certificate is applied. Then, after paying money or passing free application, a storage file called keystore is given, and the storage file contains (certificate and private key).
2. The keystore file is generated by openSSL or similar software.
3. This keystore file is then loaded, and the TLS/SSL service is then provided.
However, the above process is too cumbersome and error-prone, for example, installation of kubernets would require manual generation of certificates by third party software.
Disclosure of Invention
The invention aims to provide a method for carrying out SSL/TLS protocol communication by using a key-free certificate, which solves the defects of the prior art.
In order to achieve the purpose, the invention adopts the following technical scheme:
a method for carrying out SSL/TLS protocol communication by using a key-free certificate comprises the following steps:
step 1: generating a root certificate through a java.security.keystore software package provided by jdk, wherein the root certificate comprises a root certificate key pair, the root certificate key pair is used for generating a root certificate public key and a root certificate private key, and after the root certificate key generates the root certificate private key, setting both the root certificate and the root certificate private key into a RootKeystore;
step 2: after a user provides a certificate signing request, generating a sub-certificate which is used as a certificate signed for the user, initializing information of the sub-certificate, wherein the sub-certificate comprises a sub-certificate key pair which is used for generating a sub-certificate public key and a sub-certificate private key;
generating a root certificate public key through a root certificate key pair in the RootKeystore, and issuing a sub-certificate through the root certificate public key;
after generating a sub-certificate private key through a certificate key pair, setting the issued sub-certificate, the sub-certificate private key and a root certificate into a Keystore, and returning the issued sub-certificate, the sub-certificate private key and the root certificate to a calling party;
and step 3: and (3) packaging the flows of the step (1) and the step (2) into a user old.
Preferably, when step 1 is executed, the method specifically includes the following steps:
step S1-1: constructing a root certificate key pair;
step S1-2: specifying a root certificate key pair length;
step S1-3: initializing certificate information of a certificate required to be issued by a user, wherein the certificate information comprises a country, an address, a street and an organization;
step S1-4: setting a signature algorithm;
step S1-5: constructing a root certificate information instance and setting a certificate version number;
step S1-6: setting a root certificate serial number;
step S1-7: setting a root certificate signing algorithm oid;
step S1-8: setting root certificate information;
step S1-9: setting a root certificate expiration time;
step S1-10: setting a root certificate issuer;
step S1-11: setting a root certificate public key, wherein the root certificate public key is generated by a root certificate secret key pair;
step S1-12: signing the certificate with a serial number and a root certificate private key, the root certificate private key being generated by a root certificate private key pair;
step S1-13: and setting the issued certificate and the private key into the RootKeystore.
Preferably, when step 2 is executed, the method specifically includes the following steps:
step S2-1: generating a sub-certificate;
step S2-2: constructing a sub-certificate key pair, wherein the sub-certificate key pair is used for generating a sub-certificate public key and a sub-certificate private key;
step S2-3: specifying a sub-certificate key pair length;
step S2-4: setting a signature algorithm;
step S2-5: initializing certificate information of a certificate required to be issued by a user;
step S2-6: constructing a sub-certificate information instance and setting a certificate version number;
step S2-7: setting a root certificate serial number;
step S2-8: setting a root certificate order signature algorithm oid;
step S2-9: setting sub-certificate information;
step S2-10: setting a sub-expiration time;
step S2-11: setting an issuer as RootKeyStore;
step S2-12: setting a sub-certificate public key, wherein the sub-certificate public key is generated by a sub-certificate secret key pair;
step S2-13: acquiring a root certificate public key of the root certificate from the RootKeystore in the step 1, and issuing a sub-certificate according to the root certificate public key;
step S2-14: and setting the issued sub-certificate, the sub-certificate private key and the root certificate into a keystore, and returning to a caller.
Preferably, when step S2-14 is executed, the data returned to the caller is a keystore object in java, and no file is generated.
Preferably, when step 3 is executed, the flows of step 1 and step 2 are packaged into a user id.
The invention has the beneficial effects that:
the method for carrying out SSL/TLS protocol communication by the key-free certificate solves the technical problem that the key object instance is directly obtained through API and an entity file is not needed, the method does not need a user to care about the key file production mode and the burden of storing and managing the key file, and does not need to read and write the related key file at the code level, thereby reducing the code amount.
Drawings
FIG. 1 is a system architecture diagram of the present invention as applied to a java API service;
FIG. 2 is a flow chart of the present invention;
fig. 3 is a diagram comparing the flow between the present invention and the prior art.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
1-3, a method for making SSL/TLS protocol communication by using a key-free certificate includes the following steps:
step 1: after a user puts forward a certificate signing request, a root certificate is generated through a java.security.KeyStore software package provided by jdk, the root certificate comprises a root certificate key pair, the root certificate key pair is used for generating a root certificate public key and a root certificate private key, and after the root certificate key generates the root certificate private key, the root certificate and the root certificate private key are both arranged in a RootKeystore and returned to a calling party;
step 2: generating a sub-certificate which is used as a certificate signed and issued for a user, initializing information of the sub-certificate, wherein the sub-certificate comprises a sub-certificate key pair which is used for generating a sub-certificate public key and a sub-certificate private key;
generating a root certificate public key through a root certificate key pair in the RootKeystore, and issuing a sub-certificate through the root certificate public key;
after generating a sub-certificate private key through a certificate key pair, setting the issued sub-certificate, the sub-certificate private key and a root certificate into a RootKeystore;
and step 3: and (3) packaging the flows of the step (1) and the step (2) into a user old.
As shown in fig. 1, the client device may be a computer, a mobile phone or a tablet computer, the client establishes communication with the TLS/SSL server based on TLS/SSL encrypted communication, and the Keystore service of the present invention is installed in a central service, so as to provide a Keystore file stream, so as to provide a java API service, during the actual application process, the user may also integrate user _ jar into a java project of the user, and then the user directly calls the getKeyStore () function to return a Keystore object, or publish a user _ jar file as a service, and the client accesses the service through an http protocol to obtain the Keystore file stream.
The client device may be linux, mac, windows, etc., and the client development software may be java, python, c + +, etc.
When step 1 is executed, the method specifically comprises the following steps:
step S1-1: constructing a root certificate key pair;
step S1-2: specifying a root certificate key pair length, which in this embodiment is 1024 lengths;
step S1-3: initializing certificate information of a certificate required to be issued by a user, wherein the certificate information comprises a country, an address, a street and an organization; since the root certificate issues itself at this time, the certificate information of the root certificate is initialized.
Step S1-4: a signature algorithm is set, and in the embodiment, an SHA1withRSA algorithm can be adopted;
step S1-5: constructing a root certificate information instance and setting a certificate version number, which is a V1 version at the moment;
step S1-6: setting a root certificate serial number, which is a random integer in the embodiment;
step S1-7: setting a root certificate signing algorithm oid;
step S1-8: setting root certificate information;
step S1-9: setting the expiration time of the root certificate, wherein the time in the embodiment is permanent;
step S1-10: setting a root certificate issuer, wherein in the embodiment, the issuer is set as a self, that is, an object for generating a root certificate;
step S1-11: setting a root certificate public key, wherein the root certificate public key is generated by a root certificate secret key pair;
step S1-12: signing the certificate with a serial number and a root certificate private key, the root certificate private key being generated by a root certificate private key pair; in this embodiment, the issuance of the root certificate is actually the issuance of the root certificate generated by the object that generates the root certificate.
Step S1-13: and setting the issued certificate and the private key into the RootKeystore.
When step 2 is executed, the method specifically comprises the following steps:
step S2-1: generating a sub-certificate;
step S2-2: constructing a sub-certificate key pair, wherein the sub-certificate key pair is used for generating a sub-certificate public key and a sub-certificate private key;
step S2-3: specifying a sub-certificate key pair length;
step S2-4: setting a signature algorithm, wherein the embodiment may adopt SHA1 withRSA;
step S2-5: initializing the certificate information of the certificate required to be issued by the user, (including country, address, street, organization, etc., in this embodiment, a virtual identifier may be randomly generated in the memory), here, the root certificate issues the sub-certificate, so the certificate information of the sub-certificate is initialized here.
Step S2-6: constructing a sub-certificate information instance, and setting a certificate version number, which is a V3 version at the moment;
step S2-7: setting a root certificate serial number, which is a randomly generated integer in this embodiment;
step S2-8: setting a root certificate order signature algorithm oid;
step S2-9: setting sub-certificate information;
step S2-10: setting a sub-expiration time, wherein the time in the embodiment is permanent;
step S2-11: setting an issuer as RootKeyStore;
step S2-12: setting a sub-certificate public key, wherein the sub-certificate public key is generated by a sub-certificate secret key pair;
step S2-13: acquiring a root certificate public key of the root certificate from the RootKeystore in the step 1, and issuing a sub-certificate according to the root certificate public key;
step S2-14: and setting the issued sub-certificate, the sub-certificate private key and the root certificate into a keystore, and returning to a caller.
Preferably, when step S2-14 is executed, the data returned to the caller is a keystore object in java, and no file is generated.
In executing step 3, the flow of step 1 and step 2 is packaged as a useld. jar file by the method of the getKeyStore () function.
As shown in fig. 3, which is a flowchart comparing the method of the present invention with the prior art, it can be seen that when the method of the present invention is used, a user only needs to acquire a KeyStore object through the getKeyStore () function, whereas if the method of the prior art is used, a KeyStore file needs to be first generated by scaling or using a tool, then uploaded to a server disk, and then the KeyStore object can be acquired from a KeyStore.
In this embodiment, taking a java mvn project as a specific example, the implementation steps are as follows:
the java mvn project includes a pom. xml file describing how a third party package needs to be introduced:
<dependency>
< | group Id >
<groupld>org.thirdparty</groupld>
<! - -package name, such as the user-provided software package name used >
<artifactld>ushied</artifactld>
< | software Package version >
<version>2.4<version>。
If the native socket is used, the method can be operated as follows:
the code is simulated based on the client code under the scene of a native socket;
establishing an SSL context;
SSLContext ctx = SSLContext.getInstance("SSL");
// establishing key management factory
KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
Establishing a keystore object through an API generated by the method;
KeyStore ks = UShield.getKeyStore();
initializing a key management factory with a key object returned by the API generated by the invention;
kmf.init(ks, UShield.PRIVATEKEYPASS.toCharArray());
tmf.init(tks);
v/key management factory initializes SSL context;
ctx.init(kmf.getKeyManagers(), null, null);
v/start an SSL/TLS service, and end the simulation;
serverSocket = (SSLServerSocket) ctx.getServerSocketFactory().createServerSocket(DEFAULT_PORT)。
if native NIO communication is used, only:
the code is simulated based on the client code using the native NIO scenario;
establishing an SSL context;
SSLContext ctx = SSLContext.getInstance("SSL");
v/building a key management factory;
KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
establishing a keystore object through an API generated by the method;
KeyStore ks = UShield.getKeyStore();
initializing a key management factory with a key object returned by the API generated by the invention;
kmf.init(ks, UShield.PRIVATEKEYPASS.toCharArray());
tmf.init(tks);
v/key management factory initializes SSL context;
ctx.init(kmf.getKeyManagers(), null, null);
establishing an SSL engine corresponding to the NIO by using the SSL context;
SSLEngine SSLEngine = SSLContext.createSSLEngine(getRemoteAddress().getHostString(),getRemoteAddress().getPort())。
if a third party java framework wants to use the method provided by the invention, the specific steps are as follows, taking OKHttpClient as an example:
the code is simulated based on the client code under the scene of the native OKHttpClient software;
establishing an SSL context;
SSLContext ctx = SSLContext.getInstance("SSL");
v/building a key management factory;
KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
establishing a keystore object through an API generated by the method;
KeyStore ks = UShield.getKeyStore();
initializing a key management factory with a key object returned by the API generated by the invention;
kmf.init(ks, UShield.PRIVATEKEYPASS.toCharArray());
tmf.init(tks);
v/key management factory initializes SSL context;
ctx.init(kmf.getKeyManagers(), null, null);
v/build OkHttpClient object using SSL context;
OkHttpClient clinet = new OkHttpClient.Builder().SSLSocketFactory(ctx.getSocketFactory(), null).build()。
the method for carrying out SSL/TLS protocol communication by the key-free certificate solves the technical problem that the key object instance is directly obtained through API and an entity file is not needed, the method does not need a user to care about the key file production mode and the burden of storing and managing the key file, and does not need to read and write the related key file at the code level, thereby reducing the code amount.
Claims (5)
1. A method for conducting SSL/TLS protocol communications using a keystore-free certificate, the method comprising: the method comprises the following steps:
step 1: generating a root certificate through a java.security.keystore software package provided by jdk, wherein the root certificate comprises a root certificate key pair, the root certificate key pair is used for generating a root certificate public key and a root certificate private key, and after the root certificate key generates the root certificate private key, setting both the root certificate and the root certificate private key into a RootKeystore;
step 2: generating a sub-certificate which is used as a certificate signed and issued for a user, initializing information of the sub-certificate, wherein the sub-certificate comprises a sub-certificate key pair which is used for generating a sub-certificate public key and a sub-certificate private key;
generating a root certificate public key through a root certificate key pair in the RootKeystore, and issuing a sub-certificate through the root certificate public key;
after generating a sub-certificate private key through a certificate key pair, setting the issued sub-certificate, the sub-certificate private key and a root certificate into a Keystore, and returning the issued sub-certificate, the sub-certificate private key and the root certificate to a calling party;
and step 3: and (3) packaging the flows of the step (1) and the step (2) into a user old.
2. The method of claim 1, wherein the keystore-free certificate is used for SSL/TLS protocol communication, and wherein: when step 1 is executed, the method specifically comprises the following steps:
step S1-1: constructing a root certificate key pair;
step S1-2: specifying a root certificate key pair length;
step S1-3: initializing certificate information of a certificate required to be issued by a user, wherein the certificate information comprises a country, an address, a street and an organization;
step S1-4: setting a signature algorithm;
step S1-5: constructing a root certificate information instance and setting a certificate version number;
step S1-6: setting a root certificate serial number;
step S1-7: setting a root certificate signing algorithm oid;
step S1-8: setting root certificate information;
step S1-9: setting a root certificate expiration time;
step S1-10: setting a root certificate issuer;
step S1-11: setting a root certificate public key, wherein the root certificate public key is generated by a root certificate secret key pair;
step S1-12: signing the certificate with a serial number and a root certificate private key, the root certificate private key being generated by a root certificate private key pair;
step S1-13: and setting the issued certificate and the private key into the RootKeystore.
3. The method of claim 2, wherein the key-free certificate is used for SSL/TLS protocol communication, and wherein: when step 2 is executed, the method specifically comprises the following steps:
step S2-1: generating a sub-certificate;
step S2-2: constructing a sub-certificate key pair, wherein the sub-certificate key pair is used for generating a sub-certificate public key and a sub-certificate private key;
step S2-3: specifying a sub-certificate key pair length;
step S2-4: setting a signature algorithm;
step S2-5: initializing certificate information of a certificate required to be issued by a user;
step S2-6: constructing a sub-certificate information instance and setting a certificate version number;
step S2-7: setting a root certificate serial number;
step S2-8: setting a root certificate order signature algorithm oid;
step S2-9: setting sub-certificate information;
step S2-10: setting a sub-expiration time;
step S2-11: setting an issuer as RootKeyStore;
step S2-12: setting a sub-certificate public key, wherein the sub-certificate public key is generated by a sub-certificate secret key pair;
step S2-13: acquiring a root certificate public key of the root certificate from the RootKeystore in the step 1, and issuing a sub-certificate according to the root certificate public key;
step S2-14: and setting the issued sub-certificate, the sub-certificate private key and the root certificate into a keystore, and returning to a caller.
4. The method of claim 3, wherein the keystore-free certificate is used for SSL/TLS protocol communication, and wherein the method comprises: in executing step S2-14, the data returned to the caller is the keystore object in java, and no file is generated.
5. The method of claim 2, wherein the key-free certificate is used for SSL/TLS protocol communication, and wherein: in executing step 3, the flow of step 1 and step 2 is packaged as a useld. jar file by the method of the getKeyStore () function.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210097277.5A CN114124582B (en) | 2022-01-27 | 2022-01-27 | Method for carrying out SSL/TLS protocol communication by using key-free certificate |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210097277.5A CN114124582B (en) | 2022-01-27 | 2022-01-27 | Method for carrying out SSL/TLS protocol communication by using key-free certificate |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN114124582A true CN114124582A (en) | 2022-03-01 |
| CN114124582B CN114124582B (en) | 2022-04-01 |
Family
ID=80361796
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210097277.5A Active CN114124582B (en) | 2022-01-27 | 2022-01-27 | Method for carrying out SSL/TLS protocol communication by using key-free certificate |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114124582B (en) |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1697365A (en) * | 2005-03-04 | 2005-11-16 | 南京邮电学院 | Secure transmission method oriented to mobile agent |
| US20090240936A1 (en) * | 2008-03-20 | 2009-09-24 | Mark Lambiase | System and method for storing client-side certificate credentials |
| CN103107996A (en) * | 2013-02-07 | 2013-05-15 | 北京中视广信科技有限公司 | On-line download method and system of digital certificate and digital certificate issuing platform |
| CN109905239A (en) * | 2019-03-07 | 2019-06-18 | 亚数信息科技(上海)有限公司 | A kind of certificate management method and device |
| CN111934884A (en) * | 2020-07-22 | 2020-11-13 | 中国联合网络通信集团有限公司 | Certificate management method and device |
-
2022
- 2022-01-27 CN CN202210097277.5A patent/CN114124582B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1697365A (en) * | 2005-03-04 | 2005-11-16 | 南京邮电学院 | Secure transmission method oriented to mobile agent |
| US20090240936A1 (en) * | 2008-03-20 | 2009-09-24 | Mark Lambiase | System and method for storing client-side certificate credentials |
| CN103107996A (en) * | 2013-02-07 | 2013-05-15 | 北京中视广信科技有限公司 | On-line download method and system of digital certificate and digital certificate issuing platform |
| CN109905239A (en) * | 2019-03-07 | 2019-06-18 | 亚数信息科技(上海)有限公司 | A kind of certificate management method and device |
| CN111934884A (en) * | 2020-07-22 | 2020-11-13 | 中国联合网络通信集团有限公司 | Certificate management method and device |
Non-Patent Citations (2)
| Title |
|---|
| IT超级码农: "利用openssl构建根证书-服务器证书-客户证书", 《博客园》 * |
| 无: "为https请求配置ssl(不用keystore,直接用证书,java代码)", 《码农教程》 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN114124582B (en) | 2022-04-01 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN112511566B (en) | SM9 algorithm certificateless mechanism signature key generation method, equipment and storage medium | |
| CN104519066B (en) | A kind of method for activating mobile terminal token | |
| CN104170312B (en) | For using the method and apparatus that hardware security engine is securely communicated by network | |
| EP2606605B1 (en) | Authentication device and system | |
| CN112637278A (en) | Data sharing method and system based on block chain and attribute-based encryption and computer readable storage medium | |
| CN106789033B (en) | Electronic contract signing method based on certificateless bookmark encryption | |
| US11716206B2 (en) | Certificate based security using post quantum cryptography | |
| CN110362990A (en) | Using the security processing of installation, apparatus and system | |
| CN109617675B (en) | Method and system for authenticating identifiers of both sides between charge and discharge facility and user terminal | |
| CN112084521B (en) | Unstructured data processing method, device and system for block chain | |
| CN111464315B (en) | Digital signature processing method, device, computer equipment and storage medium | |
| CN112839041B (en) | Block chain-based power grid identity authentication method, device, medium and equipment | |
| CN113507513B (en) | Zk-snark-based ubiquitous power Internet of things transaction data management method | |
| US20220353074A1 (en) | Systems and methods for minting a physical device based on hardware unique key generation | |
| CN110505056B (en) | Collaborative signature method and device supporting trusted display | |
| CN108446539B (en) | Software authorization method and software authorization file generation system | |
| CN114124582B (en) | Method for carrying out SSL/TLS protocol communication by using key-free certificate | |
| CN103139737B (en) | Cryptographic key negotiation method and device, note secondary-confirmation method, system and equipment | |
| CN102664735A (en) | Implementation method for secure session of mobile phone lottery system based on public key | |
| CN113472783B (en) | Block chain cipher certificate service method, system, storage medium and device | |
| EP2215800A1 (en) | Method of authenticating a user accessing a remote server from a computer | |
| Vatra | Public key infrastructure for public administration in Romania | |
| CN110460604B (en) | Cloud storage encryption, decryption and verification method and system | |
| CN103716328A (en) | Operation request processing method and system | |
| CN113179169A (en) | Digital certificate management method and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| TR01 | Transfer of patent right | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20231114 Address after: 518000, Building D, Building 528, Huayuan Science and Technology Innovation Park, Baosheng Industrial Zone, Labor Community, Xixiang Street, Bao'an District, Shenzhen, Guangdong Province Patentee after: Shenzhen Yunxinteng Technology Co.,Ltd. Address before: 210012 1st floor, building A1, 118 software Avenue, Yuhuatai District, Nanjing City, Jiangsu Province Patentee before: JIANGSU QIANMI NETWORK TECHNOLOGY CO.,LTD. |