CN114826609B - Electronic certificate management method, device and system based on blockchain and storage medium

Publication number
CN114826609B
Authority
CN
China
Prior art keywords
certificate
electronic certificate
electronic
information
template
Legal status
Active
Application number
CN202210356933.9A
Other languages
Chinese (zh)
Other versions
CN114826609A (en)
Inventor
张涛
代平
左思图
Current Assignee
Ant Blockchain Technology Shanghai Co Ltd
Original Assignee
Ant Blockchain Technology Shanghai Co Ltd
Application filed by Ant Blockchain Technology Shanghai Co Ltd
Priority to CN202210356933.9A
Publication of CN114826609A
Application granted
Publication of CN114826609B

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/083 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]

Abstract

One or more embodiments of the present specification disclose a blockchain-based electronic certificate management method, apparatus, and system. The method is applied to a certificate issuing platform that accesses a blockchain system, and comprises: acquiring an electronic certificate template corresponding to a certificate issuing organization and the acquirer identity information of a certificate acquirer, the electronic certificate template being a template that has passed verification by an operation platform; generating an electronic certificate corresponding to the certificate acquirer according to the electronic certificate template and the acquirer identity information; and uploading the electronic certificate and the acquirer identity information to the blockchain system in association with each other, and sending the electronic certificate to a client corresponding to the certificate acquirer, so that the certificate acquirer acquires the electronic certificate through the client.

Description

Electronic certificate management method, device and system based on blockchain and storage medium
Technical Field
The present disclosure relates to the field of blockchain technologies, and in particular, to a blockchain-based electronic certificate management method, device, and system.
Background
Blockchain is a new application mode of computer technologies such as distributed data storage, point-to-point transmission, consensus mechanisms, and encryption algorithms. Blockchain is an important concept of Bitcoin and is essentially a decentralized database. In a blockchain system, data blocks are linked sequentially in chronological order into a chain data structure, forming a distributed ledger that is cryptographically guaranteed to be tamper-proof and unforgeable. Because of characteristics such as decentralization, tamper resistance of information, autonomy, and independence, blockchains are increasingly valued and applied.
Disclosure of Invention
In one aspect, one or more embodiments of the present specification provide a blockchain-based electronic certificate management method applied to a certificate issuing platform that accesses a blockchain system. The method comprises the following steps: acquiring an electronic certificate template corresponding to a certificate issuing organization and the acquirer identity information of a certificate acquirer, wherein the electronic certificate template is a template that has passed verification by an operation platform; generating an electronic certificate corresponding to the certificate acquirer according to the electronic certificate template and the acquirer identity information; and uploading the electronic certificate and the acquirer identity information to the blockchain system in association with each other, and sending the electronic certificate to a client corresponding to the certificate acquirer, so that the certificate acquirer acquires the electronic certificate through the client.
In another aspect, one or more embodiments of the present specification provide a blockchain-based electronic certificate management method applied to a client that accesses a blockchain system. The method comprises the following steps: receiving an acquisition request for an electronic certificate sent by a certificate acquirer, wherein the acquisition request carries certificate identification information of the electronic certificate, and the electronic certificate is generated from an electronic certificate template that corresponds to a certificate issuing organization and has passed verification by the operation platform; displaying the electronic certificate corresponding to the certificate identification information to the certificate acquirer according to the acquisition request; and uploading acquisition event information of the electronic certificate to the blockchain system, so that the acquisition event information and the electronic certificate are stored in association in the blockchain system.
In yet another aspect, one or more embodiments of the present specification provide a blockchain-based electronic certificate management apparatus applied to a certificate issuing platform that accesses a blockchain system. The apparatus comprises: a first acquisition module, which acquires an electronic certificate template corresponding to a certificate issuing organization and the acquirer identity information of a certificate acquirer, wherein the electronic certificate template is a template that has passed verification by an operation platform; a first generation module, which generates the electronic certificate corresponding to the certificate acquirer according to the electronic certificate template and the acquirer identity information; and a first uplink module, which uploads the electronic certificate and the acquirer identity information to the blockchain system in association with each other, and sends the electronic certificate to a client corresponding to the certificate acquirer, so that the certificate acquirer acquires the electronic certificate through the client.
In yet another aspect, one or more embodiments of the present specification provide a blockchain-based electronic certificate management apparatus applied to a client that accesses a blockchain system. The apparatus comprises: a first receiving module, which receives an acquisition request for an electronic certificate sent by a certificate acquirer, wherein the acquisition request carries the acquirer identity information of the certificate acquirer, and the electronic certificate is generated from an electronic certificate template that corresponds to a certificate issuing organization and has passed verification by the operation platform; a first display module, which displays the electronic certificate corresponding to the certificate identification information to the certificate acquirer according to the acquisition request; and a second uplink module, which uploads acquisition event information of the electronic certificate to the blockchain system, so that the acquisition event information and the electronic certificate are stored in association in the blockchain system.
In yet another aspect, one or more embodiments of the present specification provide a blockchain-based electronic certificate management system including a certificate issuing platform and an operation platform, both of which access a blockchain system. The operation platform audits the electronic certificate template that is generated by the certificate issuing platform and corresponds to the certificate issuing organization; if the audit is passed, it is determined that the certificate issuing organization can issue electronic certificates using the electronic certificate template. The certificate issuing platform acquires the electronic certificate template corresponding to the certificate issuing organization and the acquirer identity information of the certificate acquirer; generates an electronic certificate corresponding to the certificate acquirer according to the electronic certificate template and the acquirer identity information; and uploads the electronic certificate and the acquirer identity information to the blockchain system in association with each other, and sends the electronic certificate to a client corresponding to the certificate acquirer, so that the certificate acquirer acquires the electronic certificate through the client.
In yet another aspect, one or more embodiments of the present specification provide a blockchain-based electronic certificate management device applied to a certificate issuing platform that accesses a blockchain system. The device includes a processor and a memory electrically connected to the processor, the memory storing a computer program, and the processor being configured to invoke and execute the computer program from the memory to implement: acquiring an electronic certificate template corresponding to a certificate issuing organization and the acquirer identity information of a certificate acquirer, wherein the electronic certificate template is a template that has passed verification by an operation platform; generating an electronic certificate corresponding to the certificate acquirer according to the electronic certificate template and the acquirer identity information; and uploading the electronic certificate and the acquirer identity information to the blockchain system in association with each other, and sending the electronic certificate to a client corresponding to the certificate acquirer, so that the certificate acquirer acquires the electronic certificate through the client.
In yet another aspect, one or more embodiments of the present specification provide a blockchain-based electronic certificate management device applied to a client that accesses a blockchain system. The device includes a processor and a memory electrically connected to the processor, the memory storing a computer program, and the processor being configured to invoke and execute the computer program from the memory to implement: receiving an acquisition request for an electronic certificate sent by a certificate acquirer, wherein the acquisition request carries the acquirer identity information of the certificate acquirer, and the electronic certificate is generated from an electronic certificate template that corresponds to a certificate issuing organization and has passed verification by the operation platform; displaying the electronic certificate corresponding to the certificate identification information to the certificate acquirer according to the acquisition request; and uploading acquisition event information of the electronic certificate to the blockchain system, so that the acquisition event information and the electronic certificate are stored in association in the blockchain system.
In yet another aspect, the present specification provides a storage medium storing a computer program executable by a processor to implement the following flow: acquiring an electronic certificate template corresponding to a certificate issuing organization and the acquirer identity information of a certificate acquirer, wherein the electronic certificate template is a template that has passed verification by an operation platform; generating an electronic certificate corresponding to the certificate acquirer according to the electronic certificate template and the acquirer identity information; and uploading the electronic certificate and the acquirer identity information to the blockchain system in association with each other, and sending the electronic certificate to a client corresponding to the certificate acquirer, so that the certificate acquirer acquires the electronic certificate through the client.
In yet another aspect, the present specification provides a storage medium storing a computer program executable by a processor to implement the following flow: receiving an acquisition request for an electronic certificate sent by a certificate acquirer, wherein the acquisition request carries the acquirer identity information of the certificate acquirer, and the electronic certificate is generated from an electronic certificate template that corresponds to a certificate issuing organization and has passed verification by the operation platform; displaying the electronic certificate corresponding to the certificate identification information to the certificate acquirer according to the acquisition request; and uploading acquisition event information of the electronic certificate to the blockchain system, so that the acquisition event information and the electronic certificate are stored in association in the blockchain system.
Drawings
To illustrate one or more embodiments of the present specification or the prior art more clearly, the drawings required for describing the embodiments or the prior art are briefly introduced below. The drawings described below show only some of the embodiments of the present specification, and a person of ordinary skill in the art may obtain other drawings from them without inventive effort.
FIG. 1 is a schematic scene diagram of a blockchain-based electronic certificate management system in accordance with an embodiment of the present specification;
FIG. 2 is a schematic architectural diagram of a blockchain-based electronic certificate management system in accordance with an embodiment of the present description;
FIG. 3 is a schematic flow chart diagram of a blockchain-based electronic certificate management method in accordance with an embodiment of the present disclosure;
FIG. 4 is a schematic flow chart diagram of a blockchain-based electronic certificate management method in accordance with another embodiment of the present description;
FIG. 5 is a schematic swim lane diagram of a blockchain-based electronic certificate management method in accordance with an embodiment of the present description;
FIG. 6 is a schematic swim lane diagram of a blockchain-based electronic certificate management method in accordance with another embodiment of the present description;
FIG. 7 is a schematic block diagram of a blockchain-based electronic certificate management device in accordance with an embodiment of the present disclosure;
FIG. 8 is a schematic block diagram of a blockchain-based electronic certificate management device in accordance with another embodiment of the present description;
Fig. 9 is a schematic block diagram of a blockchain-based electronic certificate management device in accordance with an embodiment of the present specification.
Detailed Description
One or more embodiments of the present disclosure provide a blockchain-based electronic certificate management method, apparatus, and system, so as to solve the problem that the existing electronic certificate management mechanism is poor.
To enable a person skilled in the art to better understand the technical solutions in one or more embodiments of the present specification, those technical solutions are described clearly and completely below with reference to the drawings. The described embodiments are only some embodiments of the present specification, not all of them. All other embodiments that a person of ordinary skill in the art may derive from one or more embodiments of the present disclosure fall within the scope of the invention as defined by the claims.
The blockchain-based electronic certificate management method is applied to the electronic certificate management system shown in Fig. 1, which comprises a blockchain system, a certificate issuing platform, and an operation platform. The certificate issuing platform and the operation platform both access the blockchain system; the blockchain system comprises a plurality of blockchain nodes, and the certificate issuing platform and the operation platform may be connected to different blockchain nodes. The certificate issuing platform can provide each certificate issuing organization with certificate element information for generating electronic certificate templates. When a certificate issuing organization wants to generate an electronic certificate template using the certificate issuing platform, it can select all or part of the certificate element information provided by the platform, together with the certificate signature information corresponding to the organization, to generate the template. Optionally, after the electronic certificate template is generated, the operation platform can audit it; after the template passes the audit, the certificate issuing organization can use it to issue electronic certificates to users and store the electronic certificates to be issued in the blockchain system.
Throughout the issuance of an electronic certificate, from issuing the certificate to its acquisition, the full life-cycle flow can be stored in the blockchain system. The process of generating the electronic certificate on the certificate issuing platform, the identity authentication of the certificate acquirer, the record of the certificate acquirer acquiring the electronic certificate, and so on can all be traced through the blockchain system, forming a complete data-flow record and ensuring the security and reliability of data in the issuance process.
Fig. 2 is a schematic architecture design diagram of an electronic certificate management system according to an embodiment of the present disclosure. As shown in Fig. 2, the architecture of the electronic certificate management system includes an access layer, an application layer, a core layer, a storage layer, and external dependencies, as follows:
The access layer provides the access entry for users and can be used to obtain a user's identity information, perform identity verification based on that information, and so on. One possible way is to provide the access entry through a front-end client. The access layer includes a login module (e.g., single sign-on, SSO), an identity verification module, and a console (or certificate issuing front end) of the certificate issuing platform. The login module can be used for login by authorized personnel of the operation platform (such as a second operation party); for example, the second operation party can log in to the operation platform by providing login information for the operation platform through an SSO interface. The identity verification module can be used to acquire the identity information of a user (such as a C-end user) and perform identity verification based on it. The console (or certificate issuing front end) of the certificate issuing platform may be used by a certificate issuing organization (or organization manager) to register with the certificate issuing platform by providing registration information, or to log in to the certificate issuing platform by providing login information.
The application layer interfaces with business scenario applications and uses the capabilities of the core layer to meet the customization requirements of different business scenarios. The application layer covers the application functions of the operation platform and the certificate issuing platform: the operation platform audits electronic certificate templates through the application layer, and the certificate issuing platform can, through the application layer, manage electronic certificate templates, electronic certificates, information on signing parties (such as the certificate issuing organization and third-party signers), certificate element information, and the like.
The core layer implements the core services of the operation platform, including issuing, checking, and revocation of electronic certificates, as well as management of the use records, authorization records, and management records of electronic certificates.
The storage layer provides the underlying storage services of the certificate issuing platform and may be implemented using one or more of OSS (object store), RDS (Relational Database Service), dis (a key-value database), and the like. The storage layer may be used to store the acquirer identity information of the certificate acquirer.
External dependencies mainly include dependencies on DIS (Distributed Input System) services, which have distributed identity and VC (Verifiable Claims) issuance capability. Through the DIS service, distributed execution of the various actions involved in the electronic certificate management flow, and the issuance of VCs, can be realized.
Based on the architecture design of the electronic certificate management system, the electronic certificate referred to in one or more embodiments of the present disclosure may be a common certificate or a VC.
Based on the electronic certificate management system shown in Fig. 1 and its architecture design shown in Fig. 2, the implementation of the blockchain-based electronic certificate management method is described in detail below.
FIG. 3 is a schematic flow chart of a blockchain-based electronic certificate management method according to an embodiment of the present disclosure, applied to a certificate issuing platform that accesses a blockchain system. As shown in FIG. 3, the method includes the following steps S302-S306:
S302, acquiring an electronic certificate template corresponding to a certificate issuing organization and the acquirer identity information of a certificate acquirer, wherein the electronic certificate template is a template that has passed verification by an operation platform.
The acquirer identity information can be pre-stored at the certificate issuing organization, or pre-stored on the certificate issuing platform in association with the organization identity information of the certificate issuing organization. The acquirer identity information may include information capable of uniquely identifying the certificate acquirer, such as an identification card number, name, telephone number, client account, and the like. The client account is the account the certificate acquirer uses to log in to the operation platform. The certificate issuing platform can store one or more electronic certificate templates corresponding to one or more certificate issuing organizations; one certificate issuing organization can correspond to one or more electronic certificate templates, and each electronic certificate template has passed verification by the operation platform.
S304, generating an electronic certificate corresponding to the certificate acquirer according to the electronic certificate template and the acquirer identity information.
Optionally, the electronic certificate corresponding to the certificate acquirer can be generated by writing the acquirer identity information into the electronic certificate template. The write may succeed or fail. If it succeeds, the electronic certificate corresponding to the certificate acquirer is successfully generated; if it fails, error information corresponding to the write failure may be output, and the error information may include at least one of an error reason, an error position, and the like.
Alternatively, some electronic certificates do not need the acquirer identity information written into them. In that case, the electronic certificate template and the acquirer identity information may be associated, thereby generating the electronic certificate corresponding to the certificate acquirer.
S306, uploading the electronic certificate and the acquirer identity information to the blockchain system in association with each other, and sending the electronic certificate to a client corresponding to the certificate acquirer, so that the certificate acquirer acquires the electronic certificate through the client.
Uploading the electronic certificate and the acquirer identity information to the blockchain system in association actually means uploading them to a blockchain node connected to the operation platform. Optionally, if the blockchain node connected to the operation platform is denoted the first blockchain node, the certificate issuing platform can send the electronic certificate and the acquirer identity information to the operation platform, which then uploads them to the first blockchain node. Alternatively, the certificate issuing platform may upload the electronic certificate and the acquirer identity information directly to the first blockchain node.
In one embodiment, before the issuing of electronic certificates is implemented through interaction between the certificate issuing platform and the operation platform, a certificate issuing organization needs to be authenticated on the certificate issuing platform. Specifically, the certificate issuing organization registers account information for logging in to the certificate issuing platform and undergoes validity verification. The certificate issuing platform acquires the organization identity information corresponding to the certificate issuing organization and verifies the validity of the organization according to that information; if the validity verification is passed, the certificate issuing organization can use the interaction between the certificate issuing platform and the operation platform to issue electronic certificates. That is, the certificate issuing organization may issue electronic certificates through the method steps S302-S306 described above. The organization identity information may include one or more of the organization's business license number, logo (trademark) pattern, organization name, legal person information, etc.
With the technical solution provided by the embodiment of the application, the certificate issuing platform that accesses the blockchain system acquires the electronic certificate template corresponding to the certificate issuing organization and the acquirer identity information of the certificate acquirer, generates the electronic certificate corresponding to the certificate acquirer according to the template and the acquirer identity information, uploads the electronic certificate and the acquirer identity information to the blockchain system in association with each other, and sends the electronic certificate to the client corresponding to the acquirer identity information, so that the certificate acquirer can conveniently acquire the electronic certificate through the client. Because the blockchain system is tamper-resistant, traceable, and secure, storing the electronic certificate on chain ensures its security and prevents it from being tampered with, forged, and so on. In addition, because the electronic certificate template has passed verification by the operation platform, such as verification of the authenticity and compliance of the template, the authenticity and validity of the issued electronic certificate can be ensured, and a collaborative-trust certificate issuing system based on interaction between the certificate issuing organization and the operation platform is realized. Furthermore, the certificate issuing organization does not need to develop websites or software with an electronic certificate issuing function, which reduces the cost of issuing electronic certificates.
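Steps S302-S306 as a runnable sketch. This is an added example, not code from the patent: `Ledger` is a toy hash-chained log standing in for the blockchain system, and the names `Template`, `issue`, `check`, `IssuanceError` and all sample values are assumptions of the example.

```python
import hashlib
import json
from dataclasses import dataclass


class IssuanceError(Exception):
    """Write failure in S304; carries the error reason and error position."""

    def __init__(self, reason, position):
        super().__init__(f"{reason} (position: {position})")
        self.reason, self.position = reason, position


def digest(obj):
    """SHA-256 over a canonical JSON encoding of obj."""
    data = json.dumps(obj, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(data.encode("utf-8")).hexdigest()


@dataclass
class Template:
    template_id: str
    organization: str
    fields: tuple            # acquirer identity fields written into the certificate
    signature_info: dict     # certificate signature information of the issuer
    approved: bool = False   # set once the operation platform's audit passes


class Ledger:
    """Toy hash-chained append-only log standing in for the blockchain system."""

    def __init__(self):
        self.blocks = []

    def append(self, payload):
        prev = self.blocks[-1]["hash"] if self.blocks else "0" * 64
        # Round-trip through JSON so later changes to the caller's objects
        # cannot silently alter what was recorded.
        body = {"index": len(self.blocks), "prev": prev,
                "payload": json.loads(json.dumps(payload))}
        self.blocks.append(dict(body, hash=digest(body)))
        return self.blocks[-1]["hash"]

    def verify(self):
        """Recompute every block hash and link; False on any mismatch."""
        prev = "0" * 64
        for i, block in enumerate(self.blocks):
            body = {k: block[k] for k in ("index", "prev", "payload")}
            if block["index"] != i or block["prev"] != prev or block["hash"] != digest(body):
                return False
            prev = block["hash"]
        return True


def issue(template, identity, ledger):
    # S302: only a template that passed the operation platform's verification is usable.
    if not template.approved:
        raise IssuanceError("template has not passed verification", "template")
    # S304: write the acquirer identity into the template; report reason and position on failure.
    written = {}
    for name in template.fields:
        value = identity.get(name)
        if not value:
            raise IssuanceError("missing acquirer identity value", name)
        written[name] = value
    certificate = {"template_id": template.template_id,
                   "organization": template.organization,
                   "signature_info": template.signature_info,
                   "acquirer": written}
    cert_id = digest(certificate)
    # S306: record the certificate in association with the acquirer identity.
    block_hash = ledger.append({"event": "issued", "certificate_id": cert_id,
                                "certificate": certificate,
                                "acquirer_identity": identity})
    return cert_id, certificate, block_hash


def check(certificate, ledger):
    """True only if the chain is intact and this exact certificate was recorded."""
    cert_id = digest(certificate)
    return ledger.verify() and any(
        b["payload"].get("certificate_id") == cert_id for b in ledger.blocks)


if __name__ == "__main__":
    # Constructed sample data.
    ledger = Ledger()
    template = Template("tpl-001", "Example Institute", ("name", "client_account"),
                        {"issuer": "Example Institute", "valid_until": "2030-01-01"},
                        approved=True)
    cert_id, cert, _ = issue(template, {"name": "Test User", "client_account": "acct-42"}, ledger)
    print(cert_id, check(cert, ledger))
```

A certificate whose content differs in any field from what was recorded fails `check`, and editing a recorded block makes `Ledger.verify` fail for the whole chain.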
In one embodiment, the electronic certificate template may be generated by a certificate issuing platform before the electronic certificate template is used by a certificate issuing authority to issue electronic certificates for users. The electronic certificate template includes certificate signature information corresponding to a certificate authority, which may include at least one of first signature information of the certificate authority, second signature information of a third party signer, a certificate validity period, and the like. Wherein the first signature information may include one or more of a business license number, logo (trademark) pattern, organization name, legal information, manager information, etc. of the certificate authority. The second signature information may include one or more of a business license number, logo (trademark) pattern, organization name, legal information, manager information, signer name, etc. of the third party signer. The validity period of the certificate is the time period of the validity of the electronic certificate.
The certificate issuing platform is pre-provided with a plurality of pieces of certificate element information for generating the electronic certificate template, and when the certificate issuing organization needs to generate the electronic certificate template through the certificate issuing platform, the certificate element information for generating the electronic certificate template can be determined, namely, one or more pieces of certificate element information are selected from the plurality of pieces of certificate element information pre-stored by the certificate issuing platform. Then, certificate signature information corresponding to the certificate authority is acquired. And then, generating an electronic certificate template corresponding to the certificate authority according to the certificate element information and the certificate signature information.
The certificate element information may include one or more of: certificate format, elements contained on the certificate (e.g., certificate name, certificate content, certificate deposit, certificate background, certificate border, etc.), location information of elements on the certificate, font size, etc.
Optionally, the certificate element information includes a certificate format. When an electronic certificate template corresponding to a certificate authority is generated according to the certificate element information and the certificate signature information, a basic template conforming to a certificate format can be generated according to the certificate element information, and then the certificate signature information is written into a designated position (such as a deposit position in the lower right corner) of the basic template, so that the electronic certificate template corresponding to the certificate authority is generated.
In the embodiment, before the electronic certificate template is used by the certificate issuing organization to issue the electronic certificate for the user, the electronic certificate template is generated through the certificate issuing platform, so that the electronic certificate can be generated by using the pre-generated electronic certificate template when the electronic certificate is issued for the user later, and the generation and issuing efficiency of the electronic certificate is improved. And the certificate issuing organization can select all or part of certificate element information provided by the certificate issuing platform according to requirements, so that the electronic certificate template is personalized, and the electronic certificate issued to the user is personalized.
In one embodiment, when the certificate authority uses the certificate issuing platform to generate the electronic certificate template, the custom information for generating the electronic certificate template can be submitted through the front-end interface of the certificate issuing platform, so that the certificate issuing platform obtains the custom information submitted by the certificate authority. Then, an electronic certificate template corresponding to the certificate authority is generated according to the certificate signature information, the certificate element information and/or the custom information.
The custom information may include information obtained by customizing any one or more of certificate element information such as a certificate format, elements included in a certificate (such as a certificate name, a certificate content, a certificate deposit, a certificate background, a certificate frame, etc.), position information, a font, a word size, etc. of each element on the certificate, and may also include information obtained by customizing other information than the certificate element information provided by the certificate issuing platform.
For example, when a certificate authority generates an electronic certificate template using the certificate issuing platform, it first selects the certificate element information for generating the electronic certificate template from among the certificate element information provided by the certificate issuing platform. The selected certificate element information is then customized, for example by editing the certificate content or changing the font of the certificate content, to obtain the custom information for generating the electronic certificate template. The electronic certificate template corresponding to the certificate issuing organization is then generated according to the custom information and the certificate signature information of the certificate issuing organization.
For another example, when the certificate authority generates the electronic certificate template using the certificate issuing platform, it first selects the certificate element information for generating the electronic certificate template from among the certificate element information provided by the certificate issuing platform. At the same time, it selects other element information that is not available on the certificate issuing platform; this other element information is the custom information, and it is submitted through the front-end interface of the certificate issuing platform, so that the certificate issuing platform generates the electronic certificate template corresponding to the certificate issuing organization according to the certificate signature information, the certificate element information and the custom information.
In this embodiment, the certificate authority can not only use the certificate element information provided by the certificate issuing platform, but can also customize that certificate element information and/or provide, through the front-end interface, other custom information not provided by the certificate issuing platform. The certificate authority can therefore generate an electronic certificate template meeting the personalized requirements of the user through the certificate issuing platform, which promotes the personalization of the electronic certificate template.
In one embodiment, after the electronic certificate template corresponding to the certificate authority is generated, the electronic certificate template may be sent to the operation platform, so that the operation platform can audit the electronic certificate template; and further, an auditing result of the operation platform on the electronic certificate template is obtained, and if the auditing result is passed, the certificate issuing authority is determined to issue the electronic certificate by utilizing the electronic certificate template.
The auditing result is either passed or not passed. The audit of the electronic certificate template by the operation platform can include checking whether the electronic certificate template conforms to a preset certificate format, whether the certificate content contains illegal content, and the like. After the operation platform audits the electronic certificate template, the auditing result can be sent to the certificate issuing platform. The certificate issuing organization can query the auditing result of the corresponding electronic certificate template through the certificate issuing platform, and can issue the electronic certificate by utilizing the electronic certificate template if the auditing result is passed.
Optionally, if the result of the audit of the electronic certificate template by the operation platform is failed, a reason for failed audit may be sent to the certificate issuing platform, for example: the certificate content contains offending content, incorrect certificate signing locations, etc., so that the certificate authority can re-edit the electronic certificate templates based on reasons for failed audits.
In this embodiment, the certificate issuing platform sends the electronic certificate template to the operation platform for auditing, so that the electronic certificate template can meet the requirement of the operation platform on the electronic certificate, thereby ensuring the correctness and compliance of the electronic certificate issued to the user.
In one embodiment, if the certificate signature information used to generate the electronic certificate template includes second signature information of the third party signer, the second signature information of the third party signer may be pre-generated. Optionally, the signer identity information of the third party signer is obtained first, and then the identity authentication operation is performed on the third party signer according to the signer identity information. If the identity authentication of the third party signer passes, the second signature information corresponding to the third party signer is generated.
The signer identity information may include one or more of a business license number, logo (trademark) pattern, organization name, legal information, manager information, signer name, etc. of the third party signer. The identity authentication operation is performed on the third party signing party based on the signing party identity information, so that whether the third party signing party is a legal organization/person or not and whether the third party signing party is an organization/person agreed with a certificate issuing organization or not can be authenticated, and the legality and compliance of an electronic certificate template generated by using second signature information corresponding to the third party signing party are ensured.
In addition, the second signature information corresponding to the third party signing party can be pre-stored in a storage system of the certificate issuing organization, and can be associated with organization information of the certificate issuing organization and stored in a certificate issuing platform, so that when an electronic certificate template is generated, the second signature information can be directly obtained from the certificate issuing organization or the certificate issuing platform for signing, and the efficiency and convenience of electronic certificate issuing are improved.
In one embodiment, when the certificate issuing platform generates an electronic certificate template, it first generates an electronic certificate preview template corresponding to the certificate issuing organization according to the certificate element information and the certificate signature information, and then audits the electronic certificate preview template according to the preview content in the electronic certificate preview template. If the audit is passed, the electronic certificate template is generated based on the electronic certificate preview template.
The verification of the electronic certificate preview template by the certificate issuing platform can comprise verifying whether the electronic certificate preview template accords with a preset certificate format, whether illegal contents are contained in certificate contents or not and the like. And generating the electronic certificate template based on the electronic certificate preview template only when the verification is passed. If the result of the verification of the electronic certificate preview template by the certificate issuing platform is failed, the reason that the verification fails can be shown to the certificate issuing authority, for example: the certificate content contains offending content, incorrect certificate signature locations, etc., so that the certificate authority can re-edit the electronic certificate preview template based on reasons for failed audits.
In this embodiment, the electronic certificate preview template is audited by the certificate issuing platform, so that the generated electronic certificate template can meet the requirement of the certificate issuing platform on the electronic certificate, thereby ensuring the correctness and compliance of the electronic certificate issued to the user.
In one embodiment, after the electronic certificate templates corresponding to the certificate authorities are generated, the certificate authorities may also manage the electronic certificate templates. When the certificate issuing platform receives the management operation aiming at the electronic certificate template, the user executing the management operation is authenticated, and if the authentication aiming at the user passes, the electronic certificate template is correspondingly managed. Wherein the management operations may include modification, deletion, etc.
For example, when a user with management authority of a certificate authority logs in to a certificate issuing platform and modifies an electronic certificate template on the certificate issuing platform, the certificate issuing platform firstly performs identity verification on the user so as to verify whether the user has the management authority on the electronic certificate template, and if so, the identity verification is passed. The certificate issuing platform stores the organization information of a certificate issuing organization, the corresponding electronic certificate templates, the user information which is authorized to manage the electronic certificate templates and the like in advance, and based on the prestored information, whether the user has the management authority on the electronic certificate templates can be verified.
In this embodiment, after the electronic certificate template is generated, the certificate authority can manage the electronic certificate template according to the requirement, so that the management of the electronic certificate template is more flexible, and the requirement of the certificate authority on the continuous change of the electronic certificate can be met.
In one embodiment, after the electronic certificate is generated, the certificate authority may revoke the electronic certificate. When the certificate issuing platform receives a revocation request for the electronic certificate, it performs the revocation operation on the electronic certificate and sends revocation event information corresponding to the electronic certificate to the operation platform and/or the blockchain system, wherein the revocation event information comprises certificate identification information corresponding to the electronic certificate.
In this embodiment, after the certificate issuing platform revokes the electronic certificate, the revocation event information may be sent to the client to notify the client that the electronic certificate corresponding to the certificate identification information included in the revocation event information is revoked. After receiving the revocation event information, the client may update the certificate status of the corresponding electronic certificate to revoked, or delete the revoked electronic certificate from the client.
In this embodiment, the certificate issuing platform sends the revocation event information to the operation platform and/or the blockchain system, so that the operation platform and/or the blockchain system can synchronously revoke a prestored electronic certificate based on the revocation event information, or change the certificate state of the electronic certificate to revoked, thereby ensuring that the utility and the certificate state of the electronic certificate stored on the operation platform and/or the blockchain system are accurate.
Fig. 4 is a schematic flowchart of a blockchain-based electronic certificate management method according to another embodiment of the present disclosure. As shown in Fig. 4, the method is applied to a client accessing a blockchain system and includes the following steps S402-S406:
S402, receiving an acquisition request for the electronic certificate sent by a certificate acquirer, wherein the acquisition request carries certificate identification information of the electronic certificate, and the electronic certificate is generated through an electronic certificate template which corresponds to a certificate issuing organization and has been audited by an operation platform.
S404, according to the acquisition request, the electronic certificate corresponding to the certificate identification information is displayed to the certificate acquirer. Alternatively, the certificate issuing platform may only display part of the information of the electronic certificate, such as the certificate name, the certificate content digest, etc., of the electronic certificate before the certificate is acquired by the certificate acquirer. After the acquisition request is received, the complete content of the electronic certificate is displayed to the certificate acquirer.
S406, uploading the acquisition event information of the electronic certificate to the blockchain system so that the acquisition event information and the electronic certificate are associated and stored in the blockchain system.
The acquisition event information may include at least one of the acquisition action, the acquisition time, and the certificate identification information of the acquired electronic certificate.
In this embodiment, the client may be an application or an applet embedded within the application. Alternatively, the client may display the certificate related information of the electronic certificate for the certificate acquirer, such as the electronic certificates that have not been acquired, the electronic certificates that have been acquired, the validity period of the electronic certificate, the certificate status (such as acquired, not acquired, revoked, etc.) of each electronic certificate that the certificate acquirer has, and so on, so that the certificate acquirer obtains the certificate related information of the corresponding electronic certificate through the client.
In one embodiment, the electronic certificate is stored in the blockchain system in association with the certificate identification information, the organization identity information of the certificate issuing organization, and the acquirer identity information. Based on this, when the client displays the electronic certificate for the certificate acquirer, the client can at the same time display the storage information of the electronic certificate in the blockchain system. The storage information can include one or more of block information, verification information (such as hash values) and the like corresponding to the electronic certificate.
By adopting the technical scheme provided by the embodiment of the application, when receiving the acquisition request for the electronic certificate sent by the certificate acquirer, the client accessing the blockchain system displays the electronic certificate to the certificate acquirer, and uploads the acquisition event information of the electronic certificate to the blockchain system so that the acquisition event information and the electronic certificate are associated and stored in the blockchain system. Because the blockchain system is tamper-resistant, traceable and secure, storing the acquisition event information of the electronic certificate in the blockchain system ensures the security and the accuracy of the acquisition event information of the electronic certificate. In addition, because the electronic certificate template has been verified by the operation platform (for example, for authenticity and compliance), the authenticity and validity of the issued electronic certificate can be ensured, and a collaborative-trust certificate issuing system based on interaction between the certificate issuing organization and the operation platform is realized. Furthermore, the certificate authority does not need to develop websites or software with the function of issuing electronic certificates, which reduces the cost of issuing electronic certificates.
In one embodiment, the acquisition request is generated by obtaining acquisition information corresponding to the electronic certificate. Before receiving the acquisition request for the electronic certificate sent by the certificate acquirer, the client first receives the electronic certificate sent by the certificate issuing platform, then generates acquisition information for the electronic certificate, and provides the acquisition information to the certificate acquirer so that the certificate acquirer acquires the electronic certificate based on the acquisition information.
In this embodiment, the acquisition information may be in the form of a link or a graphic code (such as a two-dimensional code), and the acquisition information is associated with an acquisition page corresponding to the electronic certificate. The certificate acquirer can enter the acquisition page associated with the acquisition information by obtaining the acquisition information. For example, if the acquisition information is a link, then when the certificate acquirer clicks the link it is determined that the certificate acquirer has obtained the acquisition information, and the acquisition page is entered. If the acquisition information is a two-dimensional code, then when the certificate acquirer scans the two-dimensional code it is determined that the certificate acquirer has obtained the acquisition information, and the acquisition page is entered.
In this embodiment, when detecting a preset trigger operation of the certificate acquirer on the front-end interface, the client displays the acquisition information. The certificate acquirer therefore only needs to perform one operation, namely obtaining the acquisition information provided by the client, to acquire the corresponding electronic certificate, which spares the certificate acquirer a number of complicated operations and provides great convenience.
In one embodiment, the client generates the acquisition request in two ways:
In the first mode, the certificate acquirer first logs in to the client, then obtains the acquisition information corresponding to the electronic certificate, and enters the acquisition page. In this case, since the certificate acquirer has logged in to the client in advance, the acquisition request generated after the acquisition information is obtained automatically carries the acquirer identity information of the certificate acquirer, such as the client account number, other personal information (such as an identification card number, a name, etc.) associated with the client account number, and the like.
In the second mode, the certificate acquirer first obtains the acquisition information corresponding to the electronic certificate, and the client, in response to the certificate acquirer's operation on the acquisition information, jumps to the acquisition page associated with the acquisition information. An input entry for obtaining the identity information is preset on the acquisition page, so that the certificate acquirer provides the acquirer identity information through the input entry. After the acquirer identity information entered by the certificate acquirer through the input entry is obtained, an acquisition request is generated based on the acquirer identity information.
Based on the acquisition request generated in either mode, the client displays the electronic certificate on the acquisition page of the electronic certificate. In this embodiment, when the certificate acquirer obtains the electronic certificate through the client, there are multiple ways of entering the acquisition page, so acquiring the electronic certificate is more flexible and convenient for the certificate acquirer.
In one embodiment, after receiving the electronic certificate sent by the certificate issuing platform, the client may generate a certificate status corresponding to the electronic certificate, and upload the certificate status to the blockchain system. The certificate status is used to characterize at least one of whether the electronic certificate is currently successfully issued, is acquired, and is revoked.
For example, after receiving an electronic certificate sent by a certificate issuing platform, the certificate status may be updated to a first status that is used to characterize that the electronic certificate has been issued.
After sending the electronic certificate to the certificate acquirer, the certificate status is updated to a second status that is used to characterize that the electronic certificate has been acquired.
When revocation event information for the electronic certificate sent by the certificate issuing platform is received, the certificate status is updated to a third status that is used to characterize that the electronic certificate is revoked, wherein the revocation event information comprises certificate identification information corresponding to the electronic certificate.
In one embodiment, after the certificate acquirer acquires the electronic certificate, the electronic certificate may be shared with others. Optionally, the client provides a sharing channel for the certificate acquirer. For example, a sharing button is displayed on a front-end interface of the client; after the certificate acquirer triggers the sharing button, the client displays a selection interface of users to share with, and after the certificate acquirer selects the certificate checking party as the user to share with, the client sends the electronic certificate to the certificate checking party.
Optionally, when receiving a certificate sharing request sent by the certificate acquirer to share the electronic certificate with the certificate checking party, the client may generate a certificate graphic code (e.g. a two-dimensional code) corresponding to the electronic certificate. The certificate graphic code is then sent to the certificate checking party according to the checking party identity information of the certificate checking party.
The certificate sharing request carries identity information of a checking party of the certificate checking party, wherein the identity information of the checking party can comprise information such as a client account number of the certificate checking party, an identity card number and a telephone number associated with the client account number. The certificate graphic code corresponding to the electronic certificate is associated with the electronic certificate, and the certificate checking party can acquire the corresponding electronic certificate after identifying the certificate graphic code (such as scanning the two-dimensional code).
After the certificate checking party acquires the electronic certificate, the electronic certificate can be checked. The certificate checking party can initiate a checking request for the electronic certificate through the client, wherein the checking request carries certificate identification information of the electronic certificate. Alternatively, since the client stores certificate related information of the electronic certificate, such as the electronic certificates that have not been acquired, the electronic certificates that have been acquired, the validity period of the electronic certificate, the certificate status (such as acquired, not acquired, revoked, etc.) of each electronic certificate that the certificate acquirer has, and the like, the client may itself check the electronic certificate based on the checking request and obtain the checking result. Optionally, the operation platform stores the certificate related information of the electronic certificate, so the client may send the checking request to the operation platform, so that the operation platform checks the electronic certificate. Optionally, the blockchain system stores certificate related information of the electronic certificate, so the client may forward the checking request to the blockchain system, which checks the electronic certificate and sends the checking result to the client. The client obtains the checking result sent by the operation platform and/or the blockchain system and displays the checking result and/or the electronic certificate to the certificate checking party.
The checking results may include, among other things, results of checking the validity period, validity, compliance, utility, etc. of the electronic certificate.
In addition, after the certificate acquirer acquires the electronic certificate, the client can also check the electronic certificate that has been acquired. The client provides a checking channel for the certificate acquirer. For example, a checking button is displayed on a front-end interface of the client, and by clicking the checking button the certificate acquirer can trigger the client to check the electronic certificate and return a checking result.
In this embodiment, after the electronic certificate is acquired by the certificate acquirer, the electronic certificate can be shared with the certificate checking party at any time by one key (for example, the sharing key provided by the client interface is triggered), or the electronic certificate is checked by one key (for example, the checking key provided by the client interface is triggered), and when the electronic certificate needs to be checked by the certificate checking party, the checking result of the electronic certificate by the client, the operation platform and/or the blockchain system can be obtained only by initiating the checking request by the client, so that great convenience is provided for certificate sharing and certificate checking.
In one embodiment, the certificate checking party checks the electronic certificate shared by the certificate acquirer, and after the client obtains the checking result corresponding to the electronic certificate, a usage record corresponding to the electronic certificate can be generated and uploaded to the blockchain system. Wherein the usage record includes at least one of a generation record of a certificate graphic code, a verification record of an electronic certificate, and a verification result.
In this embodiment, after the electronic certificate is checked, the usage record corresponding to the electronic certificate is uploaded to the blockchain system, so that the usage record of the electronic certificate can be traced and queried through the blockchain system, thereby ensuring the data reliability and security of the usage record of the electronic certificate.
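The certificate status lifecycle (issued, acquired, revoked), the hash stored as verification information, the checking of a shared certificate and the uploaded usage record described in the embodiments above can be sketched as follows. This is an added example, not code from the patent: the in-memory hash chain stands in for the blockchain system, and the names `Ledger`, `record_event` and `check_certificate`, the field names, the transition rules and the sample certificate are all assumptions.

```python
import hashlib
import json

# Statuses named in the description: first = issued, second = acquired, third = revoked.
ISSUED, ACQUIRED, REVOKED = "issued", "acquired", "revoked"
# Assumed transition rules: nothing precedes issuance and revocation is terminal.
ALLOWED = {None: {ISSUED}, ISSUED: {ACQUIRED, REVOKED}, ACQUIRED: {REVOKED}, REVOKED: set()}
GENESIS = "0" * 64


def digest(obj):
    """SHA-256 over a canonical JSON encoding, used as the verification hash."""
    data = json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(data).hexdigest()


class Ledger:
    """In-memory append-only hash chain standing in for the blockchain system."""

    def __init__(self):
        self.blocks = []

    def append(self, payload):
        prev = self.blocks[-1]["hash"] if self.blocks else GENESIS
        body = {"index": len(self.blocks), "prev": prev, "payload": payload}
        self.blocks.append(dict(body, hash=digest(body)))
        return self.blocks[-1]

    def verify_chain(self):
        """Recompute every block hash and link; any edited payload breaks the chain."""
        prev = GENESIS
        for i, block in enumerate(self.blocks):
            body = {k: block[k] for k in ("index", "prev", "payload")}
            if block["index"] != i or block["prev"] != prev or block["hash"] != digest(body):
                return False
            prev = block["hash"]
        return True

    def events(self, cert_id):
        return [b["payload"] for b in self.blocks if b["payload"]["cert_id"] == cert_id]

    def status(self, cert_id):
        """Latest status event wins; usage records carry no status and are skipped."""
        states = [e["status"] for e in self.events(cert_id) if "status" in e]
        return states[-1] if states else None


def record_event(ledger, cert_id, status, when, **extra):
    """Append an issuance, acquisition or revocation event after checking the transition."""
    current = ledger.status(cert_id)
    if status not in ALLOWED[current]:
        raise ValueError(f"illegal status change {current!r} -> {status!r}")
    return ledger.append({"cert_id": cert_id, "status": status, "time": when, **extra})


def check_certificate(ledger, cert, now):
    """Check a presented certificate, then upload a usage record with the result."""
    if not ledger.verify_chain():
        return {"valid": False, "reason": "ledger integrity check failed"}
    events = ledger.events(cert["cert_id"])
    issued = next((e for e in events if e.get("status") == ISSUED), None)
    if issued is None:
        reason = "certificate not found"
    elif issued["cert_hash"] != digest(cert):
        reason = "content does not match stored hash"
    elif ledger.status(cert["cert_id"]) == REVOKED:
        reason = "revoked"
    elif not cert["valid_from"] <= now <= cert["valid_to"]:  # ISO dates sort as strings
        reason = "outside validity period"
    else:
        reason = "ok"
    result = {"valid": reason == "ok", "reason": reason}
    ledger.append({"cert_id": cert["cert_id"], "usage": "checked", "time": now, "result": result})
    return result


def demo():
    """Constructed sample data: issue, acquire, check three ways, revoke, check again."""
    ledger = Ledger()
    cert = {"cert_id": "CERT-0001", "holder": "acquirer-42", "issuer": "Example Training Org",
            "name": "Course completion", "valid_from": "2024-01-01", "valid_to": "2026-01-01"}
    record_event(ledger, cert["cert_id"], ISSUED, "2024-01-01", cert_hash=digest(cert))
    record_event(ledger, cert["cert_id"], ACQUIRED, "2024-01-03")
    results = {"fresh": check_certificate(ledger, cert, "2024-06-01")}
    forged = dict(cert, holder="someone-else")  # altered copy presented to a checking party
    results["forged"] = check_certificate(ledger, forged, "2024-06-01")
    results["expired"] = check_certificate(ledger, cert, "2027-01-01")
    record_event(ledger, cert["cert_id"], REVOKED, "2024-07-01")
    results["revoked"] = check_certificate(ledger, cert, "2024-08-01")
    return ledger, results


if __name__ == "__main__":
    for name, res in demo()[1].items():
        print(name, res)
```

Only the certificate hash is placed on the ledger here, so the checking party must be handed the certificate content itself; the patent text also allows the certificate to be stored on-chain.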
In one embodiment, the certificate acquirer may encrypt the electronic certificate prior to sharing it, including encrypting all or part of the certificate content of the electronic certificate. Optionally, the certificate acquirer initiates an encryption request for the electronic certificate through the client, where the encryption request carries certificate identification information of the electronic certificate, the specified certificate content to be encrypted, and the like. When receiving an encryption request for an electronic certificate sent by a certificate acquirer, the client encrypts the specified certificate content in the electronic certificate to obtain an encrypted electronic certificate.
Therefore, the certificate retriever can share the encrypted electronic certificate to the certificate checking party, so that the certificate checking party cannot see the encrypted specified certificate content when viewing the electronic certificate through the client. For example, the encrypted specified certificate content is presented in a non-sensitive form such as a symbol, a number, etc., thereby ensuring the security of the sensitive certificate content, the important certificate content, etc. on the electronic certificate.
FIG. 5 is a schematic swim lane diagram of a blockchain-based electronic certificate management method in accordance with an embodiment of the present description. It generally illustrates how a certificate issuing organization generates electronic certificates through a certificate issuing platform and an operation platform. The organization manager of the certificate issuing organization has the authority to generate electronic certificates through the certificate issuing platform and the operation platform, and the certificate issuing platform provides a certificate issuing front end for each certificate issuing organization, so that the organization manager can log into the certificate issuing platform through the certificate issuing front end. As shown in FIG. 5, the blockchain-based electronic certificate management method is applied to the electronic certificate management system shown in FIG. 1, and includes the following steps S5.1-S5.11:
S5.1, the organization manager registers account information for logging in the certificate issuing platform through the front end of the certificate issuing, and logs in the certificate issuing platform after the registration is successful.
The account information may include a login account and a password. After the registration is successful, the certificate issuing platform can be logged in and the subsequent steps are executed. Optionally, during the registration process, the certificate issuing platform may perform an organization authentication on the certificate issuing organization according to the organization identity information provided by the organization administrator, for example, perform validity verification of the organization, and if the validity verification passes, determine that the organization administrator registration is successful. The organization identity information may include one or more of an organization's business license number, logo (trademark) pattern, organization name, legal information, and the like.
S5.2, the organization manager determines the certificate element information from the certificate issuing platform through the certificate issuing front end.
Wherein the certificate element information may include one or more of: certificate format, elements contained on the certificate (e.g., certificate name, certificate content, certificate deposit, certificate background, certificate border, etc.), location information of elements on the certificate, font size, etc.
In this step, the organization manager may edit the certificate element information after determining the certificate element information.
S5.3, the organization manager uploads the certificate signature information to the certificate issuing platform through the certificate issuing front end.
Wherein the certificate signature information may comprise at least one of first signature information of the certificate issuing organization, second signature information of a third party signer, a certificate validity period, etc. The first signature information may include one or more of a business license number, logo (trademark) pattern, organization name, legal information, manager information, etc. of the certificate issuing organization. The second signature information may include one or more of a business license number, logo (trademark) pattern, organization name, legal information, manager information, signer name, etc. of the third party signer. The certificate validity period is the time period during which the electronic certificate is valid.
S5.4, the certificate issuing platform generates an electronic certificate template corresponding to the certificate issuing organization according to the certificate element information and the certificate signature information.
S5.5, the certificate issuing platform sends an auditing request aiming at the electronic certificate template to the operation platform.
S5.6, the operation platform carries out auditing on the electronic certificate template to obtain an auditing result.
The auditing result is either passed or not passed. The auditing of the electronic certificate template by the operation platform can include checking whether the electronic certificate template conforms to a preset certificate format, whether the certificate content contains illegal content, and the like.
S5.7, the operation platform sends the auditing result to the certificate issuing platform.
After the certificate issuing platform obtains the auditing result corresponding to the electronic certificate template, the certificate issuing organization can issue the electronic certificate by using the electronic certificate template.
S5.8, the certificate issuing platform stores the electronic certificate template in association with the identity information of the certificate issuing organization.
Optionally, the institution manager may edit the corresponding electronic certificate template stored on the certificate issuing platform, such as editing the certificate element information and/or the certificate signature information on the electronic certificate template. The institution manager may also delete the corresponding electronic certificate template.
S5.9, the organization manager determines the electronic certificate template from the certificate issuing platform through the certificate issuing front end.
Wherein, if one electronic certificate template corresponding to the certificate issuing organization is stored on the certificate issuing platform, the organization manager can directly determine that electronic certificate template for generating the electronic certificate to be issued. If a plurality of electronic certificate templates corresponding to the certificate issuing organization are stored on the certificate issuing platform, the organization manager may select one electronic certificate template from them for generating the electronic certificate to be issued.
S5.10, the organization manager uploads the acquirer identity information of the certificate acquirer to the certificate issuing platform through the certificate issuing front end.
The organization manager may upload the acquirer identity information of one or more certificate acquirers at a time, where the acquirer identity information may include information capable of uniquely identifying the certificate acquirer, such as an identification card number, a name, a phone number, a client account number, and the like. The client account is an account for a certificate acquirer to log in to an operation platform.
The acquirer identity information can be pre-stored in a storage system of the certificate issuing organization, or can be filled in by the organization manager in real time before being uploaded.
S5.11, the certificate issuing platform generates an electronic certificate of the certificate acquirer according to the electronic certificate template and the identity information of the acquirer.
After the certificate issuing platform generates the electronic certificate, the electronic certificate is sent to a client of a certificate acquirer corresponding to the identity information of the acquirer. Optionally, the electronic certificate and the identity information of the retriever can be associated and uploaded to the operation platform and/or the blockchain system, so that the operation platform and/or the blockchain system manages the electronic certificate and the associated identity information of the retriever.
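The audit gate of S5.6 and the certificate generation of S5.11 can be sketched as follows. This is an added example, not code from the patent: the preset element names, the banned-content list, the `{placeholder}` syntax, all function names and the sample data are constructed, and resetting the audit result when a template is edited is an assumption the description does not state.

```python
import re
from dataclasses import dataclass

# Hypothetical "preset certificate format": elements every template must carry.
PRESET_ELEMENTS = {"certificate_name", "certificate_content",
                   "issuer_signature", "validity_period"}
BANNED_TERMS = {"guaranteed returns"}      # constructed stand-in for illegal content
PLACEHOLDER = re.compile(r"\{(\w+)\}")     # assumed syntax for acquirer fields


@dataclass
class Template:
    org_id: str
    elements: dict                 # element name -> text, may contain {placeholders}
    audit_result: str = "pending"  # pending / passed / not passed


def audit_template(template):
    """Operation-platform audit (S5.6): format check plus content check."""
    reasons = []
    missing = PRESET_ELEMENTS - template.elements.keys()
    if missing:
        reasons.append("missing elements: " + ", ".join(sorted(missing)))
    for name, text in template.elements.items():
        if any(term in text.lower() for term in BANNED_TERMS):
            reasons.append(f"banned content in {name}")
    template.audit_result = "not passed" if reasons else "passed"
    return template.audit_result, reasons


def edit_element(template, name, text):
    """Assumption: any edit after audit invalidates the earlier audit result."""
    template.elements[name] = text
    template.audit_result = "pending"


def issue(template, acquirer):
    """Write acquirer identity information into the template (S5.11).

    Returns (certificate, None) on success, or (None, error) where the error
    carries an error cause and an error location.
    """
    if template.audit_result != "passed":
        return None, {"cause": "template has not passed audit", "location": "template"}
    certificate = {}
    for name, text in template.elements.items():
        for key in PLACEHOLDER.findall(text):
            if not str(acquirer.get(key, "")).strip():
                return None, {"cause": f"missing acquirer field '{key}'",
                              "location": name}
        certificate[name] = PLACEHOLDER.sub(lambda m: str(acquirer[m.group(1)]), text)
    return certificate, None


if __name__ == "__main__":
    tpl = Template("ORG-EXAMPLE", {          # constructed sample template
        "certificate_name": "Training Certificate",
        "certificate_content": "Awarded to {name}, ID {id_number}",
        "issuer_signature": "Example Organization",
        "validity_period": "2022-01-01 to 2025-01-01",
    })
    print(audit_template(tpl))
    print(issue(tpl, {"name": "Example Holder", "id_number": "ID-0001"}))
    print(issue(tpl, {"name": "Example Holder"}))
```
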
In this embodiment, the certificate issuing platform obtains the electronic certificate template corresponding to the certificate issuing organization and the identity information of the acquirer of the certificate, and generates the electronic certificate corresponding to the acquirer of the certificate according to the electronic certificate template and the identity information of the acquirer, so that the electronic certificate and the identity information of the acquirer are related and uploaded to the operation platform, and the electronic certificate is sent to the client corresponding to the identity information of the acquirer, so that the acquirer of the certificate is convenient to acquire the electronic certificate through the client. The certificate issuing platform and the operation platform are both connected to the blockchain system, and the blockchain system has the characteristics of non-tamper property, traceability and safety, so that the safety of the electronic certificate can be ensured, and the electronic certificate is prevented from being tampered, forged and the like. In addition, the authenticity and the effectiveness of the issued electronic certificate can be ensured because the electronic certificate template passes verification through the operation platform, such as verification of the authenticity, the compliance and the like of the electronic certificate template, and a collaborative trust type certificate issuing system which is interacted between a certificate issuing organization and the operation platform is realized. Furthermore, the certificate authority does not need to develop websites or software with the function of issuing the electronic certificate, so that the cost of issuing the electronic certificate is reduced.
In addition, in the electronic certificate issuing process shown in fig. 5, any related process and any data can be uploaded to the blockchain system for recording, for example, the process of generating the electronic certificate on the certificate issuing platform, the identity authentication process of the certificate acquirer, the record of the electronic certificate acquired by the certificate acquirer and the like can be traced back through the blockchain system, so that a whole data process record is formed, and the safety and the reliability of the data in the electronic certificate issuing process are ensured.
FIG. 6 is a schematic swim lane diagram of a blockchain-based electronic certificate management method according to another embodiment of the present disclosure, which mainly illustrates how a certificate acquirer retrieves and shares electronic certificates through the client. As shown in FIG. 6, the method includes the following steps S6.1-S6.9:
S6.1, the certificate retriever logs in the client.
In this embodiment, the client may display the certificate related information of the electronic certificate for the certificate-capturing side, such as the electronic certificate that is not captured, the electronic certificate that is captured, the certificate status (such as captured, not captured, and revoked) of each electronic certificate that the certificate-capturing side has, the validity period of the electronic certificate, and so on, so that the certificate-capturing side obtains the certificate related information of the corresponding electronic certificate through the client.
S6.2, the certificate retriever initiates a request for retrieving the electronic certificate through the client.
Wherein, the picking request carries the certificate identification information of the electronic certificate and the identity information of the picking party.
S6.3, the client displays the corresponding electronic certificate to the certificate acquirer according to the certificate identification information.
The certificate-capturing party can check the acquired electronic certificate and the certificate related information of the electronic certificate through the display interface of the client.
S6.4, the client generates the acquisition event information of the electronic certificate and uploads the acquisition event information to the blockchain system.
Wherein, the picking event information may include at least one of picking action, picking time, and certificate identification information of the picked electronic certificate. After the blockchain system receives the acquisition event information, the acquisition event information is associated with the electronic certificate and stored.
Optionally, after the client presents the corresponding electronic certificate to the certificate acquirer, the certificate status of the local electronic certificate may be updated, such as to "acquired".
S6.5, the certificate-capturing party initiates a sharing request of the electronic certificate through the client.
For example, the certificate-capturing party needs to sign a contract with a third party organization by using the electronic certificate, in this case, the third party organization needs to check the electronic certificate, and the certificate-capturing party can share the electronic certificate to the third party organization, which is the certificate checking party, through the client. The sharing request carries certificate identification information of the electronic certificate to be shared and identity information of a checking party of the certificate checking party.
S6.6, the client generates a certificate graphic code corresponding to the electronic certificate and sends the certificate graphic code to the certificate checking party.
S6.7, the certificate checking party initiates a checking request for the electronic certificate through the client.
Wherein the checking request carries certificate identification information of the electronic certificate.
S6.8, the client checks the electronic certificate and sends a checking result to the certificate checking party.
S6.9, the client generates a use record of the electronic certificate, and uploads the use record to the blockchain system.
Wherein the usage record includes at least one of a generation record of a certificate graphic code, a verification record of an electronic certificate, and a verification result. After the blockchain system receives the usage record of the electronic certificate, the usage record is associated with the electronic certificate for storage.
In this embodiment, the process of checking the electronic certificate may be performed by any one or more of the operation platform, the blockchain system, or the client, and when checking the electronic certificate by any one of the ends, the end is required to store the certificate related information of the electronic certificate in advance, such as an electronic certificate that is not acquired, an electronic certificate that is acquired, a certificate status (such as acquired, not acquired, revoked, etc.) of each electronic certificate that is possessed by the certificate acquirer, a validity period of the electronic certificate, and so on, so that the electronic certificate is checked based on the certificate related information.
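The acquisition, revocation and checking steps above can be modelled as a small state machine whose events are written to an append-only log. This is an added example, not code from the patent: the `Ledger` class is a hypothetical hash-chained stand-in for the blockchain system, the result strings and allowed transitions are assumptions, and the certificate data is constructed.

```python
import hashlib
import json
from datetime import date

ISSUED, ACQUIRED, REVOKED = "issued", "acquired", "revoked"
# Assumed transitions between the three certificate states named in the text.
ALLOWED = {(ISSUED, ACQUIRED), (ISSUED, REVOKED), (ACQUIRED, REVOKED)}


def _digest(body):
    return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()


class Ledger:
    """Hypothetical stand-in for the blockchain system: append-only, hash-chained."""

    def __init__(self):
        self.blocks = []

    def append(self, cert_id, kind, payload):
        prev = self.blocks[-1]["hash"] if self.blocks else "0" * 64
        body = {"cert_id": cert_id, "kind": kind, "payload": payload, "prev": prev}
        self.blocks.append({**body, "hash": _digest(body)})

    def verify_chain(self):
        """Return False if any stored record was altered or reordered."""
        prev = "0" * 64
        for block in self.blocks:
            body = {k: block[k] for k in ("cert_id", "kind", "payload", "prev")}
            if block["prev"] != prev or block["hash"] != _digest(body):
                return False
            prev = block["hash"]
        return True

    def history(self, cert_id):
        """Records associated with one certificate, in the order they were stored."""
        return [b["kind"] for b in self.blocks if b["cert_id"] == cert_id]


class Client:
    """Client side of S6.1-S6.9; keeps certificate-related information locally."""

    def __init__(self, ledger):
        self.ledger = ledger
        self.certs = {}

    def receive(self, cert_id, content, valid_until):
        # Certificate arrives from the issuing platform: state "issued".
        self.certs[cert_id] = {"content": content, "valid_until": valid_until,
                               "status": ISSUED}
        self.ledger.append(cert_id, "status", {"status": ISSUED})

    def _transition(self, cert_id, new_status, kind, when):
        cert = self.certs[cert_id]
        if (cert["status"], new_status) not in ALLOWED:
            raise ValueError(f"{cert['status']} -> {new_status} is not allowed")
        cert["status"] = new_status
        self.ledger.append(cert_id, kind,
                           {"status": new_status, "time": when.isoformat()})

    def acquire(self, cert_id, when):
        """S6.2-S6.4: show the certificate and upload the acquisition event."""
        self._transition(cert_id, ACQUIRED, "acquisition_event", when)
        return self.certs[cert_id]["content"]

    def revoke(self, cert_id, when):
        self._transition(cert_id, REVOKED, "revocation_event", when)

    def check(self, cert_id, when):
        """S6.7-S6.9: check by status and validity period, then log a usage record."""
        cert = self.certs.get(cert_id)
        if cert is None:
            result = "unknown"
        elif cert["status"] == REVOKED:
            result = "revoked"
        elif cert["status"] != ACQUIRED:
            result = "not_acquired"
        elif when > cert["valid_until"]:
            result = "expired"
        else:
            result = "valid"
        self.ledger.append(cert_id, "usage_record",
                           {"result": result, "time": when.isoformat()})
        return result


if __name__ == "__main__":
    ledger = Ledger()
    client = Client(ledger)
    # Constructed sample certificate.
    client.receive("CERT-0001", {"holder": "Example Holder"}, date(2025, 1, 1))
    client.acquire("CERT-0001", date(2022, 5, 1))
    print(client.check("CERT-0001", date(2022, 6, 1)))
    client.revoke("CERT-0001", date(2022, 7, 1))
    print(client.check("CERT-0001", date(2022, 8, 1)))
    print(ledger.history("CERT-0001"), ledger.verify_chain())
```
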
By adopting the technical scheme provided by the embodiment, when receiving the request for picking up the electronic certificate sent by the certificate picking up party, the client side displays the electronic certificate to the certificate picking up party and uploads the information of the picking up event of the electronic certificate to the blockchain system, so that the information of the picking up event and the electronic certificate are associated and stored in the blockchain system. The certificate issuing platform and the operation platform are both connected to the blockchain system, and the blockchain system has the characteristics of non-tamper property, traceability and safety, so that the security of the electronic certificate can be ensured by the acquisition event information, and the electronic certificate is prevented from being tampered, forged and the like. In addition, the authenticity and the effectiveness of the issued electronic certificate can be ensured because the electronic certificate template passes verification through the operation platform, such as verification of the authenticity, the compliance and the like of the electronic certificate template, and a collaborative trust type certificate issuing system which is interacted between a certificate issuing organization and the operation platform is realized. Moreover, the certificate retriever can share the electronic certificate by one key (such as triggering a sharing key provided by a client interface) to the certificate checking party at any time, and when the certificate checking party needs to check the electronic certificate, the checking result of the client, the operation platform and/or the blockchain system on the electronic certificate can be obtained only by initiating a checking request through the client, so that great convenience is provided for certificate sharing and certificate checking.
In summary, particular embodiments of the present subject matter have been described. Other embodiments are within the scope of the following claims. In some cases, the actions recited in the claims can be performed in a different order and still achieve desirable results. In addition, the processes depicted in the accompanying figures do not necessarily require the particular order shown, or sequential order, to achieve desirable results. In some embodiments, multitasking and parallel processing may be advantageous.
The above method for managing electronic certificates based on blockchain is provided for one or more embodiments of the present specification, and based on the same concept, one or more embodiments of the present specification further provide an electronic certificate management device based on blockchain.
FIG. 7 is a schematic block diagram of a blockchain-based electronic certificate management device in accordance with an embodiment of the present description, as shown in FIG. 7, applied to a certificate issuing platform that accesses a blockchain system; the device comprises:
A first obtaining module 71 for obtaining an electronic certificate template corresponding to a certificate issuing organization and acquirer identity information of a certificate acquirer; the electronic certificate template is a template that has passed the audit of an operation platform;
A first generation module 72, configured to generate an electronic certificate corresponding to the certificate acquirer according to the electronic certificate template and the identity information of the acquirer;
The first uplink module 73 uploads the electronic certificate and the identity information of the acquirer to the blockchain system in a correlated manner, and sends the electronic certificate to a client corresponding to the identity information of the acquirer, so that the certificate acquirer acquires the electronic certificate through the client.
In one embodiment, the electronic certificate template includes certificate signature information corresponding to the certificate authority;
The apparatus further comprises:
The first determining module is used for determining certificate element information for generating the electronic certificate template before the electronic certificate template corresponding to the certificate issuing organization is acquired;
The second acquisition module acquires the certificate signature information corresponding to the certificate issuing organization; the certificate signature information comprises at least one of first signature information of the certificate authority, second signature information of a third party signer and a certificate validity period;
And the second generation module is used for generating the electronic certificate template corresponding to the certificate issuing organization according to the certificate element information and the certificate signature information.
In one embodiment, the apparatus further comprises:
The third acquisition module is used for acquiring custom information submitted by the certificate issuing organization and used for generating the electronic certificate template before acquiring the electronic certificate template corresponding to the certificate issuing organization;
The second generation module includes:
The first generation unit generates the electronic certificate template corresponding to the certificate issuing organization according to the certificate signature information, the certificate element information and/or the custom information.
In one embodiment, the apparatus further comprises:
The first sending module is used for sending the electronic certificate template to the operation platform after the electronic certificate template corresponding to the certificate authority is generated, so that the operation platform can audit the electronic certificate template;
A fourth obtaining module, configured to obtain an audit result of the electronic certificate template by the operation platform;
And the second determining module is used for determining that the certificate issuing mechanism can issue the electronic certificate by utilizing the electronic certificate template if the auditing result is passed.
In one embodiment, the apparatus further comprises:
A fifth obtaining module, configured to obtain signing party identity information of the third party signing party before obtaining the certificate signing information corresponding to the certificate authority;
The authentication module is used for carrying out identity authentication operation on the third party signing party according to the signing party identity information;
And the third generation module is used for generating the second signature information corresponding to the third party signing party if the identity authentication of the third party signing party passes.
In one embodiment, the second generating module includes:
The second generation unit generates an electronic certificate preview template corresponding to the certificate authority according to the certificate element information and the certificate signature information;
An auditing unit for auditing the electronic certificate preview template according to the preview content in the electronic certificate preview template;
And the third generation unit is used for generating the electronic certificate template based on the electronic certificate preview template if the verification passes.
In one embodiment, the apparatus further comprises:
The first verification module is used for carrying out identity verification on a user executing management operation on the electronic certificate template when the management operation on the electronic certificate template is received after the electronic certificate template corresponding to the certificate authority is generated; the management operation comprises at least one of a modification operation and a deletion operation;
And the management module is used for correspondingly managing the electronic certificate template if the identity verification of the user is passed.
In one embodiment, the first generation module 72 includes:
A writing unit writing the identity information of the acquirer into the electronic certificate template;
A fourth generation unit, for generating the electronic certificate corresponding to the certificate acquirer if the writing is successful;
The output unit outputs error information corresponding to the writing failure if the writing failure occurs; the error information includes at least one of an error cause and an error location.
In one embodiment, the apparatus further comprises:
A sixth acquisition module, configured to acquire organization identity information corresponding to a certificate authority before acquiring an electronic certificate template corresponding to the certificate authority;
The second verification module is used for verifying the validity of the certificate issuing mechanism according to the identity information of the mechanism;
And the execution module is used for executing the step of acquiring the electronic certificate template corresponding to the certificate authority if the validity verification is passed.
In one embodiment, the apparatus further comprises:
The revocation module is used for executing revocation operation on the electronic certificate when receiving a revocation request aiming at the electronic certificate after the electronic certificate and the identity information of the acquirer are related and uploaded to the blockchain system;
The second sending module is used for sending the revocation event information corresponding to the electronic certificate to an operation platform and/or the blockchain system; the revocation event information comprises certificate identification information corresponding to the electronic certificate.
By adopting the device provided by the embodiment of the application, the certificate issuing platform accessed to the blockchain system generates the electronic certificate corresponding to the certificate acquirer according to the electronic certificate template and the acquirer identity information by acquiring the electronic certificate template corresponding to the certificate issuing mechanism and the acquirer identity information of the certificate acquirer, further uploads the electronic certificate and the acquirer identity information to the blockchain system in a correlated way, and sends the electronic certificate to the client corresponding to the acquirer identity information, so that the electronic certificate is conveniently acquired by the certificate acquirer through the client. Since the blockchain system has non-tamper property, traceability and security, the security of the electronic certificate can be ensured by storing the electronic certificate on the chain, and the electronic certificate is prevented from being tampered, forged and the like. In addition, the authenticity and the effectiveness of the issued electronic certificate can be ensured because the electronic certificate template passes verification through the operation platform, such as verification of the authenticity, the compliance and the like of the electronic certificate template, and a collaborative trust type certificate issuing system which is interacted between a certificate issuing organization and the operation platform is realized. Furthermore, the certificate authority does not need to develop websites or software with the function of issuing the electronic certificate, so that the cost of issuing the electronic certificate is reduced.
It should be understood by those skilled in the art that the above-mentioned blockchain-based electronic certificate management device can be used to implement the above-mentioned blockchain-based electronic certificate management method; its detailed description is similar to that of the method section above and is not repeated here, to avoid redundancy.
FIG. 8 is a schematic block diagram of a blockchain-based electronic certificate management device in accordance with an embodiment of the present specification. As shown in FIG. 8, the device is applied to a client accessing a blockchain system; the device comprises:
A first receiving module 81 for receiving a request for picking up an electronic certificate sent by a certificate picking up party; the acquisition request carries certificate identification information of the electronic certificate; the electronic certificate is generated by an electronic certificate template which corresponds to a certificate issuing mechanism and is checked by the operation platform;
The first display module 82 displays the electronic certificate corresponding to the certificate identification information to the certificate acquirer according to the acquisition request;
The second uplink module 83 uploads the acquisition event information of the electronic certificate to the blockchain system, so that the acquisition event information and the electronic certificate are associated and stored in the blockchain system.
In one embodiment, the request for acquiring is generated by acquiring acquisition information corresponding to the electronic certificate;
The apparatus further comprises:
The second receiving module is used for receiving the electronic certificate sent by the certificate issuing platform before receiving a request for picking up the electronic certificate sent by the certificate pick-up party;
A fourth generation module that generates the pickup information for the electronic certificate; the acquisition information is associated with an acquisition page corresponding to the electronic certificate;
And the providing module is used for providing the acquisition information to the certificate acquirer so that the certificate acquirer acquires the electronic certificate based on the acquisition information.
In one embodiment, the first receiving module 81 includes:
A jump unit that jumps to the retrieval page associated with the retrieval information in response to the retrieval request generated by acquiring the retrieval information;
And the first display unit displays the electronic certificate on the pick-up page.
In one embodiment, the apparatus further comprises:
A fifth generation module for generating a certificate state corresponding to the electronic certificate; the certificate status is used for characterizing at least one of whether the electronic certificate is successfully issued, taken and revoked currently;
And the third uplink module is used for uploading the certificate state to the blockchain system.
In one embodiment, the apparatus further comprises:
The updating module is used for updating the certificate state into a first state after receiving the electronic certificate sent by the certificate issuing platform; the first state is used to characterize that the electronic certificate has been issued; after sending the electronic certificate to the certificate acquirer, updating the certificate state to a second state; the second state is used for representing that the electronic certificate is picked up; when revocation event information for the electronic certificate sent by the certificate issuing platform is received, updating the certificate state into a third state; the third state is used to characterize that the electronic certificate has been revoked; the revocation event information comprises certificate identification information corresponding to the electronic certificate.
In one embodiment, the apparatus further comprises:
A sixth generation module, configured to generate a certificate graphic code corresponding to the electronic certificate when receiving a certificate sharing request sent by the certificate acquirer and used for sharing the electronic certificate to a certificate checking party; the certificate sharing request carries the identity information of the checking party of the certificate checking party;
And the third sending module is used for sending the certificate graphic code to the certificate checking party according to the identity information of the checking party.
In one embodiment, the apparatus further comprises:
A forwarding module, configured to forward, when receiving a checking request for the electronic certificate sent by the certificate checking party, the checking request to the blockchain system; the blockchain system is used for checking the electronic certificate and sending a checking result to the client; the checking request is generated by the certificate checking party by identifying the certificate graphic code;
a seventh obtaining module, configured to obtain the checking result sent by the blockchain system;
and the second display module displays the checking result and/or the electronic certificate to the certificate checking party.
In one embodiment, the apparatus further comprises:
A seventh generation module, configured to generate a usage record corresponding to the electronic certificate after the checking result sent by the blockchain system is obtained; the usage record comprises at least one of a generation record of the certificate graphic code, a checking record of the electronic certificate and the checking result;
And a fourth uplink module for uploading the usage record to the blockchain system.
In one embodiment, the apparatus further comprises:
The encryption module is used for encrypting specified certificate content in the electronic certificate when receiving an encryption request for the electronic certificate sent by the certificate acquirer, so as to obtain the encrypted electronic certificate;
The second display module includes:
and the second display unit displays the encrypted electronic certificate to the certificate checking party.
When a client that accesses the blockchain system receives an acquisition request for an electronic certificate sent by a certificate acquirer, it displays the electronic certificate to the certificate acquirer and uploads the acquisition event information of the electronic certificate to the blockchain system, so that the acquisition event information and the electronic certificate are stored in the blockchain system in association with each other. Because the blockchain system is tamper-resistant, traceable and secure, storing the acquisition event information of the electronic certificate in the blockchain system ensures the security and accuracy of that information. In addition, because the electronic certificate template has passed an audit by the operation platform, for example an audit of the template's authenticity and compliance, the authenticity and validity of the issued electronic certificate can be ensured, and a collaborative-trust certificate issuing system in which the certificate issuing organization and the operation platform interact is realized. Furthermore, the certificate authority does not need to develop a website or software with an electronic certificate issuing function, which reduces the cost of issuing electronic certificates.
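The certificate-state updates, checking flow and usage records described for the client above can be sketched as follows. This is an added example, not code from the patent: the hash-chained `Ledger` is a simplified stand-in for the blockchain system, and the state names, class names, result strings and sample certificate are assumptions.

```python
import hashlib
import json

# Assumed names for the patent's first/second/third certificate states.
ISSUED, PICKED_UP, REVOKED = "issued", "picked_up", "revoked"
# Legal transitions; revocation is terminal, so a revoked certificate cannot be re-issued.
ALLOWED = {None: {ISSUED}, ISSUED: {PICKED_UP, REVOKED}, PICKED_UP: {REVOKED}, REVOKED: set()}
GENESIS = "0" * 64


def digest(obj):
    """SHA-256 over a canonical JSON encoding."""
    return hashlib.sha256(json.dumps(obj, sort_keys=True).encode("utf-8")).hexdigest()


class Ledger:
    """Append-only hash-chained log; a simplified stand-in for the blockchain system."""

    FIELDS = ("cert_id", "event", "payload", "prev")

    def __init__(self):
        self.entries = []

    def append(self, cert_id, event, payload=None):
        prev = self.entries[-1]["hash"] if self.entries else GENESIS
        body = {"cert_id": cert_id, "event": event, "payload": payload or {}, "prev": prev}
        self.entries.append(dict(body, hash=digest(body)))
        return self.entries[-1]

    def verify_chain(self):
        """Recompute every link; any edited or reordered entry breaks the chain."""
        prev = GENESIS
        for entry in self.entries:
            body = {k: entry[k] for k in self.FIELDS}
            if entry["prev"] != prev or entry["hash"] != digest(body):
                return False
            prev = entry["hash"]
        return True

    def events(self, cert_id, *kinds):
        return [e for e in self.entries if e["cert_id"] == cert_id and e["event"] in kinds]

    def state(self, cert_id):
        history = self.events(cert_id, ISSUED, PICKED_UP, REVOKED)
        return history[-1]["event"] if history else None


class Client:
    """Client-side logic: state updates, checking, and usage records."""

    def __init__(self, ledger):
        self.ledger = ledger

    def _transition(self, cert_id, new_state, payload=None):
        current = self.ledger.state(cert_id)
        if new_state not in ALLOWED[current]:
            raise ValueError(f"illegal transition {current!r} -> {new_state!r}")
        return self.ledger.append(cert_id, new_state, payload)

    def receive_issued(self, cert_id, certificate):
        # Anchor a digest of the certificate content alongside the "issued" state.
        return self._transition(cert_id, ISSUED, {"cert_digest": digest(certificate)})

    def pick_up(self, cert_id):
        return self._transition(cert_id, PICKED_UP)

    def revoke(self, cert_id):
        return self._transition(cert_id, REVOKED)

    def check(self, cert_id, presented):
        """Handle a checking request and record the outcome as a usage record."""
        if not self.ledger.verify_chain():
            return "ledger_tampered"  # do not extend a log that fails verification
        state = self.ledger.state(cert_id)
        if state is None:
            result = "unknown"
        elif state == REVOKED:
            result = "revoked"
        elif self.ledger.events(cert_id, ISSUED)[0]["payload"]["cert_digest"] != digest(presented):
            result = "content_mismatch"
        else:
            result = "valid"
        self.ledger.append(cert_id, "checked", {"result": result})
        return result


def demo():
    """Run the lifecycle on a constructed certificate and return the check results."""
    client = Client(Ledger())
    cert = {"holder": "Alice Example", "title": "Course completion"}  # constructed sample
    client.receive_issued("CERT-0001", cert)
    client.pick_up("CERT-0001")
    results = [client.check("CERT-0001", cert),
               client.check("CERT-0001", dict(cert, holder="Someone Else"))]
    client.revoke("CERT-0001")
    results.append(client.check("CERT-0001", cert))
    return results, client.ledger


if __name__ == "__main__":
    print(demo()[0])
```

A checking party relying on such a log should treat any result other than `valid` as a failure, including the case where the log itself no longer verifies.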
It should be understood by those skilled in the art that the above blockchain-based electronic certificate management apparatus can be used to implement the above blockchain-based electronic certificate management method; its detailed description is similar to that of the method section above and is not repeated here to avoid redundancy.
Based on the same thought, one or more embodiments of the present disclosure further provide a blockchain-based electronic certificate management system, including a certificate issuing platform and an operation platform; the certificate issuing platform and the operation platform are both connected to a blockchain system; wherein:
the operation platform is used for auditing the electronic certificate template which is generated by the certificate issuing platform and corresponds to the certificate issuing organization; if the verification is passed, determining that the certificate authority can issue an electronic certificate by utilizing the electronic certificate template;
The certificate issuing platform acquires the electronic certificate template corresponding to the certificate issuing organization and the acquirer identity information of a certificate acquirer; generating an electronic certificate corresponding to the certificate acquirer according to the electronic certificate template and the acquirer identity information; and the electronic certificate and the acquirer identity information are associated and uploaded to the blockchain system, and the electronic certificate is sent to a client corresponding to the acquirer identity information, so that the certificate acquirer acquires the electronic certificate through the client.
Based on the same considerations, one or more embodiments of the present specification also provide a blockchain-based electronic certificate management device, as shown in fig. 9. The blockchain-based electronic certificate management device may vary considerably in configuration or performance, may include one or more processors 901 and memory 902, and may have one or more stored applications or data stored in memory 902. Wherein the memory 902 may be transient storage or persistent storage. The application programs stored in the memory 902 may include one or more modules (not shown in the figures), each of which may include a series of computer executable instructions for use in a blockchain-based electronic certificate management device. Still further, the processor 901 may be arranged to communicate with the memory 902 to execute a series of computer executable instructions in the memory 902 on a blockchain-based electronic certificate management device. The blockchain-based electronic certificate management device may also include one or more power supplies 903, one or more wired or wireless network interfaces 904, one or more input output interfaces 905, and one or more keyboards 906.
In particular, in this embodiment, the blockchain-based electronic certificate management device includes a memory, and one or more programs, wherein the one or more programs are stored in the memory, and the one or more programs may include one or more modules, and each module may include a series of computer executable instructions for the blockchain-based electronic certificate management device, and the execution of the one or more programs by the one or more processors comprises computer executable instructions for:
Acquiring an electronic certificate template corresponding to a certificate issuing organization and acquirer identity information of a certificate acquirer; the electronic certificate template is a template that has passed an audit by an operation platform;
Generating an electronic certificate corresponding to the certificate acquirer according to the electronic certificate template and the identity information of the acquirer;
And the electronic certificate and the identity information of the acquirer are associated and uploaded to the blockchain system, and the electronic certificate is sent to a client corresponding to the identity information of the acquirer, so that the client acquires the electronic certificate through the blockchain system.
In another embodiment, a blockchain-based electronic certificate management device includes a memory, and one or more programs, wherein the one or more programs are stored in the memory, and the one or more programs may include one or more modules, and each module may include a series of computer-executable instructions for the blockchain-based electronic certificate management device, and configured to be executed by the one or more processors, the one or more programs including computer-executable instructions for:
Receiving a request for acquiring an electronic certificate sent by a certificate acquirer; the acquisition request carries certificate identification information of the electronic certificate; the electronic certificate is generated from an electronic certificate template that corresponds to a certificate issuing organization and has been audited by the operation platform;
according to the acquisition request, displaying the electronic certificate corresponding to the certificate identification information to the certificate acquirer;
and uploading the acquisition event information of the electronic certificate to the blockchain system so that the acquisition event information and the electronic certificate are associated and stored in the blockchain system.
One or more embodiments of the present disclosure further provide a storage medium storing one or more computer programs, where the one or more computer programs include instructions, which when executed by an electronic device including a plurality of application programs, enable the electronic device to perform each process of the above-described blockchain-based electronic certificate management method embodiment, and achieve the same technical effects, and are not repeated herein.
The system, apparatus, module or unit set forth in the above embodiments may be implemented in particular by a computer chip or entity, or by a product having a certain function. One typical implementation is a computer. In particular, the computer may be, for example, a personal computer, a laptop computer, a cellular telephone, a camera phone, a smart phone, a personal digital assistant, a media player, a navigation device, an email device, a game console, a tablet computer, a wearable device, or a combination of any of these devices.
For convenience of description, the above devices are described as being functionally divided into various units, respectively. Of course, the functionality of the units may be implemented in one or more software and/or hardware when implementing one or more embodiments of the present description.
One skilled in the art will appreciate that one or more embodiments of the present description may be provided as a method, system, or computer program product. Accordingly, one or more embodiments of the present description may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Moreover, one or more embodiments of the present description can take the form of a computer program product on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, etc.) having computer-usable program code embodied therein.
One or more embodiments of the present description are described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the specification. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
In one typical configuration, a computing device includes one or more processors (CPUs), input/output interfaces, network interfaces, and memory.
The memory may include forms of computer-readable media such as volatile memory, random access memory (RAM), and/or nonvolatile memory such as read-only memory (ROM) or flash memory (flash RAM). Memory is an example of computer-readable media.
Computer-readable media include both permanent and non-permanent, removable and non-removable media, and may implement information storage by any method or technology. The information may be computer-readable instructions, data structures, modules of a program, or other data. Examples of storage media for a computer include, but are not limited to, phase change memory (PRAM), static random access memory (SRAM), dynamic random access memory (DRAM), other types of random access memory (RAM), read-only memory (ROM), electrically erasable programmable read-only memory (EEPROM), flash memory or other memory technology, compact disc read-only memory (CD-ROM), digital versatile discs (DVD) or other optical storage, magnetic cassettes, magnetic tape or magnetic disk storage or other magnetic storage devices, or any other non-transmission medium, which can be used to store information that can be accessed by a computing device. Computer-readable media, as defined herein, do not include transitory computer-readable media (transmission media), such as modulated data signals and carrier waves.
It should also be noted that the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising a …" does not exclude the presence of other like elements in a process, method, article or apparatus that comprises the element.
One or more embodiments of the present specification may be described in the general context of computer-executable instructions, such as program modules, being executed by a computer. Generally, program modules include routines, programs, objects, components, data structures, etc. that perform particular tasks or implement particular abstract data types. The specification may also be practiced in distributed computing environments where tasks are performed by remote processing devices that are linked through a communications network. In a distributed computing environment, program modules may be located in both local and remote computer storage media including memory storage devices.
In this specification, the embodiments are described in a progressive manner; for identical or similar parts, the embodiments may be referred to one another, and each embodiment mainly describes its differences from the other embodiments. In particular, because the system embodiments are substantially similar to the method embodiments, their description is relatively brief; for relevant details, refer to the corresponding parts of the description of the method embodiments.
The foregoing description is merely one or more embodiments of the present disclosure and is not intended to limit the disclosure. Various modifications and alterations to one or more embodiments of this description will be apparent to those skilled in the art. Any modifications, equivalent substitutions, improvements, or the like, which are within the spirit and principles of one or more embodiments of the present disclosure, are intended to be included within the scope of the claims of one or more embodiments of the present disclosure.

Claims (23)

1. A blockchain-based electronic certificate management method, applied to a certificate issuing platform, wherein the certificate issuing platform accesses a blockchain system; the method comprises the following steps:
Acquiring an electronic certificate template corresponding to a certificate issuing organization and acquirer identity information of a certificate acquirer; the electronic certificate template is a template that has passed an audit by an operation platform;
Generating an electronic certificate corresponding to the certificate acquirer according to the electronic certificate template and the identity information of the acquirer;
the electronic certificate and the identity information of the acquirer are associated and uploaded to the blockchain system, and the electronic certificate is sent to a client corresponding to the certificate acquirer, so that the certificate acquirer acquires the electronic certificate through the client;
The electronic certificate template comprises certificate signature information corresponding to the certificate authority; before the electronic certificate template corresponding to the certificate authority is obtained, the method further comprises the following steps:
determining certificate element information for generating the electronic certificate template;
Acquiring the certificate signature information corresponding to the certificate issuing organization; the certificate signature information comprises at least one of first signature information of the certificate authority, second signature information of a third party signer and a certificate validity period;
And generating the electronic certificate template corresponding to the certificate issuing organization according to the certificate element information and the certificate signature information.
2. The method of claim 1, further comprising, prior to obtaining the electronic certificate template corresponding to the certificate authority:
Acquiring custom information submitted by the certificate authority and used for generating the electronic certificate template;
The generating the electronic certificate template corresponding to the certificate authority according to the certificate element information and the certificate signature information comprises the following steps:
And generating the electronic certificate template corresponding to the certificate issuing authority according to the certificate signature information, the certificate element information and/or the custom information.
3. The method of claim 2, further comprising, after the generating the electronic certificate template corresponding to the certificate authority:
The electronic certificate template is sent to the operation platform, so that the operation platform can audit the electronic certificate template;
Obtaining an auditing result of the operation platform on the electronic certificate template;
If the auditing result is a pass, determining that the certificate authority can utilize the electronic certificate template to issue the electronic certificate.
4. The method of claim 1, further comprising, prior to the obtaining the certificate signature information corresponding to the certificate authority:
Acquiring signing party identity information of the third party signing party;
According to the signing party identity information, carrying out identity authentication operation on the third party signing party;
And if the identity authentication of the third party signing party passes, generating the second signature information corresponding to the third party signing party.
5. The method of claim 1, the generating the electronic certificate template corresponding to the certificate authority according to the certificate element information and the certificate signature information, comprising:
Generating an electronic certificate preview template corresponding to the certificate authority according to the certificate element information and the certificate signature information;
auditing the electronic certificate preview template according to the preview content in the electronic certificate preview template;
and if the verification is passed, generating the electronic certificate template based on the electronic certificate preview template.
6. The method of claim 1, after the generating the electronic certificate template corresponding to the certificate authority, further comprising:
When receiving a management operation aiming at the electronic certificate template, carrying out identity verification on a user executing the management operation; the management operation comprises at least one of a modification operation and a deletion operation;
And if the identity verification of the user is passed, managing the electronic certificate template correspondingly.
7. The method of claim 1, wherein the generating the electronic certificate corresponding to the certificate acquirer according to the electronic certificate template and the acquirer identity information includes:
Writing the acquirer identity information into the electronic certificate template;
if the writing is successful, generating the electronic certificate corresponding to the certificate acquirer;
If the writing fails, outputting error information corresponding to the writing failure; the error information includes at least one of an error cause and an error location.
8. The method of claim 1, further comprising, prior to obtaining the electronic certificate template corresponding to the certificate authority:
Acquiring the identity information of the institution corresponding to the certificate issuing institution;
Verifying the validity of the certificate issuing organization according to the identity information of the organization;
And if the validity verification is passed, executing the step of acquiring the electronic certificate template corresponding to the certificate authority.
9. The method of claim 1, further comprising, after the generating the electronic certificate corresponding to the certificate acquirer according to the electronic certificate template and the acquirer identity information:
Executing a revocation operation on the electronic certificate when a revocation request for the electronic certificate is received;
transmitting revocation event information corresponding to the electronic certificate to an operation platform and/or the blockchain system; the revocation event information comprises certificate identification information corresponding to the electronic certificate.
10. A blockchain-based electronic certificate management method, applied to a client, wherein the client accesses a blockchain system; the method comprises the following steps:
Receiving a request for acquiring an electronic certificate sent by a certificate acquirer; the acquisition request carries certificate identification information of the electronic certificate; the electronic certificate is generated from an electronic certificate template that corresponds to a certificate issuing organization and has been audited by the operation platform;
according to the acquisition request, displaying the electronic certificate corresponding to the certificate identification information to the certificate acquirer;
Uploading the acquisition event information of the electronic certificate to the blockchain system so that the acquisition event information and the electronic certificate are associated and stored in the blockchain system;
Further comprises:
When a certificate sharing request for sharing the electronic certificate to a certificate checking party, which is sent by the certificate acquirer, is received, a certificate graphic code corresponding to the electronic certificate is generated; the certificate sharing request carries the identity information of the checking party of the certificate checking party;
And sending the certificate graphic code to the certificate checking party according to the identity information of the checking party.
11. The method of claim 10, the acquisition request being generated by obtaining acquisition information corresponding to the electronic certificate;
Before receiving the acquisition request for the electronic certificate sent by the certificate acquirer, the method further comprises the following steps:
Receiving the electronic certificate sent by the certificate issuing platform;
Generating the acquisition information for the electronic certificate; the acquisition information is associated with an acquisition page corresponding to the electronic certificate;
and providing the acquisition information to the certificate acquirer so that the certificate acquirer acquires the electronic certificate based on the acquisition information.
12. The method of claim 11, wherein the presenting, according to the acquisition request, the electronic certificate corresponding to the certificate identification information to the certificate acquirer includes:
In response to the acquisition request generated by obtaining the acquisition information, jumping to the acquisition page associated with the acquisition information;
And displaying the electronic certificate on the acquisition page.
13. The method of claim 10, further comprising:
Generating a certificate state corresponding to the electronic certificate; the certificate state characterizes at least one of whether the electronic certificate has currently been successfully issued, picked up, or revoked;
Uploading the certificate status to the blockchain system.
14. The method of claim 13, further comprising:
After receiving the electronic certificate sent by the certificate issuing platform, updating the certificate state to a first state; the first state is used to characterize that the electronic certificate has been issued;
After sending the electronic certificate to the certificate authority, updating the certificate state to a second state; the second state is used to characterize that the electronic certificate has been picked up;
when revocation event information for the electronic certificate sent by the certificate issuing platform is received, updating the certificate state into a third state; the third state is used to characterize that the electronic certificate has been revoked; the revocation event information comprises certificate identification information corresponding to the electronic certificate.
15. The method of claim 10, further comprising:
when receiving a checking request for the electronic certificate sent by the certificate checking party, forwarding the checking request to the blockchain system; the blockchain system is used for checking the electronic certificate and sending a checking result to the client; the checking request is generated by the certificate checking party by identifying the certificate graphic code;
Acquiring the checking result sent by the blockchain system;
and displaying the checking result and/or the electronic certificate to the certificate checking party.
16. The method of claim 15, after the obtaining the checking result sent by the blockchain system, further comprising:
Generating a usage record corresponding to the electronic certificate; the usage record comprises at least one of a generation record of the certificate graphic code, a checking record of the electronic certificate and the checking result;
The usage record is uploaded to the blockchain system.
17. The method of claim 15, further comprising:
When receiving an encryption request for the electronic certificate sent by the certificate acquirer, encrypting specified certificate content in the electronic certificate to obtain the encrypted electronic certificate;
The displaying the checking result and/or the electronic certificate to the certificate checking party includes:
And displaying the encrypted electronic certificate to the certificate checking party.
18. A blockchain-based electronic certificate management device, applied to a certificate issuing platform, wherein the certificate issuing platform accesses a blockchain system; the device comprises:
The first acquisition module acquires an electronic certificate template corresponding to a certificate issuing organization and acquirer identity information of a certificate acquirer; the electronic certificate template is a template that has passed an audit by an operation platform;
The first generation module is used for generating an electronic certificate corresponding to the certificate acquirer according to the electronic certificate template and the identity information of the acquirer;
The first uplink module is used for carrying out association uploading on the electronic certificate and the identity information of the acquirer to the blockchain system and sending the electronic certificate to a client corresponding to the certificate acquirer so that the certificate acquirer acquires the electronic certificate through the client;
The electronic certificate template comprises certificate signature information corresponding to the certificate authority; the apparatus further comprises:
The first determining module is used for determining certificate element information for generating the electronic certificate template before the electronic certificate template corresponding to the certificate issuing organization is acquired;
The second acquisition module acquires the certificate signature information corresponding to the certificate issuing organization; the certificate signature information comprises at least one of first signature information of the certificate authority, second signature information of a third party signer and a certificate validity period;
And the second generation module is used for generating the electronic certificate template corresponding to the certificate issuing organization according to the certificate element information and the certificate signature information.
19. A blockchain-based electronic certificate management device, applied to a client, wherein the client accesses a blockchain system; the device comprises:
The first receiving module is used for receiving a request for acquiring the electronic certificate, which is sent by a certificate acquirer; the acquisition request carries certificate identification information of the electronic certificate; the electronic certificate is generated from an electronic certificate template that corresponds to a certificate issuing organization and has been audited by the operation platform;
The first display module displays the electronic certificate corresponding to the certificate identification information to the certificate acquirer according to the acquisition request;
The second uplink module is used for uploading the acquisition event information of the electronic certificate to the blockchain system so that the acquisition event information and the electronic certificate are associated and stored in the blockchain system;
A sixth generation module, configured to generate a certificate graphic code corresponding to the electronic certificate when receiving a certificate sharing request sent by the certificate acquirer and used for sharing the electronic certificate to a certificate checking party; the certificate sharing request carries the identity information of the checking party of the certificate checking party;
And the third sending module is used for sending the certificate graphic code to the certificate checking party according to the identity information of the checking party.
20. An electronic certificate management system based on a blockchain comprises a certificate issuing platform and an operation platform; the certificate issuing platform and the operation platform are both connected to a blockchain system; wherein:
the operation platform is used for auditing the electronic certificate template which is generated by the certificate issuing platform and corresponds to the certificate issuing organization; if the verification is passed, determining that the certificate authority can issue an electronic certificate by utilizing the electronic certificate template;
The certificate issuing platform is used for acquiring the electronic certificate template corresponding to the certificate issuing organization and acquirer identity information of a certificate acquirer; generating an electronic certificate corresponding to the certificate acquirer according to the electronic certificate template and the identity information of the acquirer; uploading the electronic certificate to the blockchain system in association with the identity information of the acquirer, and sending the electronic certificate to a client corresponding to the certificate acquirer, so that the certificate acquirer acquires the electronic certificate through the client; the electronic certificate template comprises certificate signature information corresponding to the certificate authority; before the electronic certificate template corresponding to the certificate authority is obtained, the method further comprises the following steps: determining certificate element information for generating the electronic certificate template; acquiring the certificate signature information corresponding to the certificate issuing organization; the certificate signature information comprises at least one of first signature information of the certificate authority, second signature information of a third party signer and a certificate validity period; and generating the electronic certificate template corresponding to the certificate issuing organization according to the certificate element information and the certificate signature information.
21. A blockchain-based electronic certificate management device applied to a certificate issuing platform, wherein the certificate issuing platform is accessed to a blockchain system; the apparatus includes a processor and a memory electrically connected to the processor, the memory storing a computer program, the processor for invoking and executing the computer program from the memory to implement:
Acquiring an electronic certificate template corresponding to a certificate issuing organization and acquirer identity information of a certificate acquirer; the electronic certificate template is a template that has passed verification by an operation platform;
Generating an electronic certificate corresponding to the certificate acquirer according to the electronic certificate template and the identity information of the acquirer;
Uploading the electronic certificate to the blockchain system in association with the identity information of the acquirer, and sending the electronic certificate to a client corresponding to the certificate acquirer, so that the certificate acquirer acquires the electronic certificate through the client;
Before the electronic certificate template corresponding to the certificate authority is obtained, the method further comprises the following steps:
determining certificate element information for generating the electronic certificate template;
Acquiring the certificate signature information corresponding to the certificate issuing organization; the certificate signature information comprises at least one of first signature information of the certificate authority, second signature information of a third party signer and a certificate validity period;
And generating the electronic certificate template corresponding to the certificate issuing organization according to the certificate element information and the certificate signature information.
22. Blockchain-based electronic certificate management equipment applied to a client, wherein the client accesses a blockchain system; the apparatus includes a processor and a memory electrically connected to the processor, the memory storing a computer program, the processor for invoking and executing the computer program from the memory to implement:
Receiving an acquisition request for an electronic certificate sent by a certificate acquirer; the acquisition request carries certificate identification information of the electronic certificate; the electronic certificate is generated from an electronic certificate template which corresponds to a certificate issuing organization and has been checked by the operation platform;
according to the acquisition request, displaying the electronic certificate corresponding to the certificate identification information to the certificate acquirer;
Uploading the acquisition event information of the electronic certificate to the blockchain system so that the acquisition event information and the electronic certificate are associated and stored in the blockchain system;
Further comprises:
When a certificate sharing request, sent by the certificate acquirer, for sharing the electronic certificate with a certificate checking party is received, a certificate graphic code corresponding to the electronic certificate is generated; the certificate sharing request carries checking-party identity information of the certificate checking party;
And sending the certificate graphic code to the certificate checking party according to the identity information of the checking party.
23. A storage medium storing a computer program executable by a processor to implement the following flow:
Acquiring an electronic certificate template corresponding to a certificate issuing organization and acquirer identity information of a certificate acquirer; the electronic certificate template is a template that has passed verification by an operation platform;
Generating an electronic certificate corresponding to the certificate acquirer according to the electronic certificate template and the identity information of the acquirer;
Uploading the electronic certificate to the blockchain system in association with the identity information of the acquirer, and sending the electronic certificate to a client corresponding to the certificate acquirer, so that the certificate acquirer acquires the electronic certificate through the client;
Before the electronic certificate template corresponding to the certificate authority is obtained, the method further comprises the following steps:
determining certificate element information for generating the electronic certificate template;
Acquiring the certificate signature information corresponding to the certificate issuing organization; the certificate signature information comprises at least one of first signature information of the certificate authority, second signature information of a third party signer and a certificate validity period;
And generating the electronic certificate template corresponding to the certificate issuing organization according to the certificate element information and the certificate signature information.
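The following Python sketch is an added illustration of the flow recited in claims 19 to 23 (template built from element and signature information, audit gate before issuance, certificate uploaded in association with the acquirer identity, acquisition event recorded); it is not part of the patent text or of any implementation by the applicant. Assumptions: the in-memory hash-chained `Ledger` stands in for the blockchain system, HMAC stands in for the issuing organization's signature, the audit rule is hypothetical, and all names and sample values are constructed.

```python
import hashlib, hmac, json

def _digest(prev, record):
    return hashlib.sha256((prev + json.dumps(record, sort_keys=True)).encode()).hexdigest()

class Ledger:  # constructed in-memory stand-in for the blockchain system
    def __init__(self):
        self.blocks = []
    def upload(self, record):
        prev = self.blocks[-1]["hash"] if self.blocks else "0" * 64
        self.blocks.append({"prev": prev, "record": record, "hash": _digest(prev, record)})
        return self.blocks[-1]["hash"]
    def intact(self):
        prev = "0" * 64
        for b in self.blocks:
            if b["prev"] != prev or b["hash"] != _digest(prev, b["record"]):
                return False
            prev = b["hash"]
        return True

def sign(key, fields):
    # HMAC is a stand-in for the issuing organization's signature (assumption).
    return hmac.new(key, json.dumps(fields, sort_keys=True).encode(), hashlib.sha256).hexdigest()

def make_template(issuer, elements, valid_until, key):
    # Template = certificate element information + certificate signature information.
    fields = {"issuer": issuer, "elements": elements, "valid_until": valid_until}
    return {**fields, "first_signature": sign(key, fields), "audited": False}

def audit_template(template, key, today):
    # Hypothetical audit rule: signature verifies, validity not lapsed (ISO date strings).
    fields = {k: template[k] for k in ("issuer", "elements", "valid_until")}
    ok = hmac.compare_digest(template["first_signature"], sign(key, fields))
    template["audited"] = ok and template["valid_until"] >= today
    return template["audited"]

def issue(template, acquirer_id, values, ledger):
    if not template["audited"]:
        raise PermissionError("template has not passed the operation platform audit")
    if set(values) != set(template["elements"]):
        raise ValueError("values do not match the template's certificate elements")
    cert = {"issuer": template["issuer"], "acquirer": acquirer_id, "values": values,
            "valid_until": template["valid_until"]}
    cert_id = hashlib.sha256(json.dumps(cert, sort_keys=True).encode()).hexdigest()
    ledger.upload({"type": "issue", "cert_id": cert_id, "acquirer": acquirer_id})
    return cert_id, cert

def record_acquisition(cert_id, acquirer_id, ledger):  # event linked to the cert by cert_id
    return ledger.upload({"type": "acquire", "cert_id": cert_id, "acquirer": acquirer_id})
```

Because each ledger entry commits to the previous entry's hash, changing the acquirer recorded against an issued certificate makes `intact()` return `False`.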
CN202210356933.9A 2022-04-06 2022-04-06 Electronic certificate management method, device and system based on blockchain and storage medium Active CN114826609B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210356933.9A CN114826609B (en) 2022-04-06 2022-04-06 Electronic certificate management method, device and system based on blockchain and storage medium

Publications (2)

Publication Number Publication Date
CN114826609A CN114826609A (en) 2022-07-29
CN114826609B CN114826609B (en) 2024-03-26

Family

ID=82532414

Country Status (1)

Country Link
CN (1) CN114826609B (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant