CN115987527A - Certificate management method, account management system of network equipment and electronic equipment - Google Patents
Certificate management method, account management system of network equipment and electronic equipment Download PDFInfo
- Publication number
- CN115987527A CN115987527A CN202211700241.8A CN202211700241A CN115987527A CN 115987527 A CN115987527 A CN 115987527A CN 202211700241 A CN202211700241 A CN 202211700241A CN 115987527 A CN115987527 A CN 115987527A
- Authority
- CN
- China
- Prior art keywords
- proxy service
- certificate
- network
- service
- installation package
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000007726 management method Methods 0.000 title abstract description 130
- 238000009434 installation Methods 0.000 claims abstract description 91
- 238000000034 method Methods 0.000 claims abstract description 37
- 238000004891 communication Methods 0.000 claims abstract description 15
- 238000004590 computer program Methods 0.000 claims description 7
- 230000006870 function Effects 0.000 description 18
- 238000012986 modification Methods 0.000 description 7
- 230000004048 modification Effects 0.000 description 7
- 230000008569 process Effects 0.000 description 7
- 230000004075 alteration Effects 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 238000010276 construction Methods 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 238000012423 maintenance Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000000007 visual effect Effects 0.000 description 1
Images
Landscapes
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The application discloses a certificate management method and an account management system of network equipment, wherein the method comprises the following steps: acquiring a first certificate from a network terminal, wherein the first certificate is used for enabling a corresponding proxy service to execute a network connection function; generating an installation package of the proxy service based on the first certificate, wherein the installation package of the proxy service is used for installation of the proxy service; and connecting to a corresponding proxy service device through a network communication protocol, wherein the installation package of the proxy service can be used by the proxy service device for installing the proxy service, and the first certificate is stored in the proxy service. According to the method, the certificate can be managed uniformly through the account management system, the account management system and the proxy service jointly complete deployment of the proxy service certificate, difficulty of managing the certificate by a user is reduced, and stability of the account management system is improved.
Description
Technical Field
The present disclosure relates to the field of network device management, and in particular, to a certificate management method, an account management system of a network device, and an electronic device.
Background
For network devices (e.g., hosts, etc.), users (e.g., operation and maintenance personnel of the network devices, etc.) usually need to log in through account passwords, and then manage the network devices, for example, modify configuration information thereof, etc. The privileged account management system is mainly used for managing accounts and corresponding login passwords, managing the accounts and the passwords in a unified mode, carrying out hardware encryption on the passwords, and enabling a user to only select the corresponding account to login, so that the operation difficulty of the user is reduced, and meanwhile, the safety is improved.
In order to enable remote management, even remote cross-regional management, of network devices by means of a privileged account management system, the applicant has developed a privileged account management system comprising a proxy service. For such privileged account management systems, management of proxy services is also involved. A proxy service is a proxy for some hosts that access their corresponding hosts by connecting to the proxy service since the hosts do not have a public network IP address. Different hosts may involve different proxy services that require certificates to ensure proper use. Each proxy service needs to care about the problem of certificate expiration and needs the user to maintain the proxy service certificate, so how to conveniently add the certificate is a problem which needs to be solved urgently.
Disclosure of Invention
The method can uniformly manage the certificate through the account management system, and the account management system and the proxy service jointly complete deployment of the proxy service certificate, so that difficulty of managing the certificate by a user is reduced, and stability of the account management system is improved.
An embodiment of the present application provides a certificate management method, including:
acquiring a first certificate from a network terminal, wherein the first certificate is used for enabling a corresponding proxy service to execute a network connection function;
generating an installation package of the proxy service based on the first certificate, wherein the installation package of the proxy service is used for installation of the proxy service;
and connecting to a corresponding proxy service device through a network communication protocol, wherein the installation package of the proxy service can be used by the proxy service device to install the proxy service, and the first certificate is stored in the proxy service.
Optionally, the method further comprises:
and under the condition that the service life of the first certificate is less than a first time period, acquiring a second certificate from a network side, wherein the service life of the second certificate is later than that of the first certificate, and the proxy service equipment can be used for storing the second certificate in the proxy service and removing the first certificate from the proxy service.
Optionally, the method further comprises:
acquiring a certificate updating request from a network terminal;
replacing the first certificate with a third certificate based on the certificate update request, wherein the third certificate is used for enabling the updated proxy service to execute a network connection function;
generating an installation package of the updated proxy service based on the third certificate;
wherein the proxy service device is capable of installing the updated proxy service based on the installation package of the updated proxy service, so that the new proxy service device completes the connection, and the third certificate is saved in the updated proxy service.
Optionally, the generating an installation package of the proxy service based on the first certificate includes:
merging the executable program of the proxy service and the first certificate to form an installation package of the proxy service;
uploading the installation package of the proxy service to the proxy service device, wherein the proxy service device can start an executable program of the proxy service to save the first certificate.
Optionally, the method further comprises:
and logging in the target network equipment through the corresponding proxy service based on a login request aiming at the target network equipment initiated by a network terminal, wherein the proxy service is connected with the target equipment through a network link.
Optionally, the method further comprises:
acquiring a certificate corresponding to each proxy service from a network side, wherein the number of the certificates is multiple;
and updating the certificate corresponding to the proxy service or uploading a new certificate through the network terminal under the condition that the certificate needs to be updated or the proxy service needs to be increased.
An object of an embodiment of the present application is to provide an account management system of a network device, including:
a general management service, and an agent service;
the overall management service is configured to:
acquiring a first certificate from a network terminal, wherein the first certificate is used for enabling a corresponding proxy service to execute a network connection function;
generating an installation package of the proxy service based on the first certificate, wherein the installation package of the proxy service is used for installation of the proxy service;
and connecting to a corresponding proxy service device through a network communication protocol, wherein the installation package of the proxy service can be used by the proxy service device to install the proxy service, and the first certificate is stored in the proxy service.
Optionally, the overall management service is further configured to:
and under the condition that the service life of the first certificate is less than a first time period, acquiring a second certificate from a network side, wherein the service life of the second certificate is later than that of the first certificate, and the proxy service equipment can be used for storing the second certificate in the proxy service and removing the first certificate from the proxy service.
An object of an embodiment of the present application is to provide an electronic device, including: the account management system server is connected with the network terminal, and is also connected with the proxy service so as to connect the corresponding network equipment through the proxy service.
An object of an embodiment of the present application is to provide a computer-readable storage medium, wherein a computer program is stored on the computer-readable storage medium, and when the computer program is executed by a processor, the computer program performs the steps of the method.
Compared with the prior art, the beneficial effects of the embodiment of the application lie in that: under the condition that proxy service needs to be established, an account management system firstly acquires a first certificate from a network terminal, then generates an installation package of the proxy service based on the first certificate, the account management system is connected to proxy service equipment through a network communication protocol so that the proxy service equipment acquires the installation package of the proxy service, and the proxy service equipment utilizes the installation package of the proxy service to install the proxy service and stores the first certificate in the proxy service. After establishing the proxy service, the account management system can establish a network connection with the network device through the proxy service so that the user can remotely manage the network device at different places. According to the method and the system, the certificate is uniformly managed through the account management system, the user only needs to upload the certificate corresponding to the proxy service to the account management system, then the account management system and the proxy service device cooperate to complete deployment of the proxy service certificate, difficulty of managing the certificate by the user is reduced, and reliability and convenience of the account management system are improved. According to the method and the system, the certificate management function of the proxy service is managed in a unified mode through the account management system, the difficulty of certificate management is reduced, manual certificate management of a user is replaced through automatic steps, the user needs to pay attention to whether the proxy service deploys the certificate or not, only needs to pay attention to the certificate in the account management system, and uploads a new certificate in time under the condition that the certificate is overdue, so that the network connection function of the proxy service is guaranteed, and the robustness of the account management system is improved.
Drawings
Fig. 1 is a flowchart of a certificate management method according to an embodiment of the present application;
FIG. 2 is another flowchart of a certificate management method according to an embodiment of the present application;
FIG. 3 is a flowchart of a certificate management method according to an embodiment of the present application;
FIG. 4 is a flowchart of one embodiment of step S200 in FIG. 1 according to an embodiment of the present application;
FIG. 5 is a flowchart of a certificate management method according to an embodiment of the present application;
fig. 6 is a schematic diagram of a network deployment architecture according to an embodiment of the present application.
Detailed Description
Various aspects and features of the present application are described herein with reference to the accompanying drawings.
It will be understood that various modifications may be made to the embodiments of the present application. Accordingly, the foregoing description should not be construed as limiting, but merely as exemplifications of embodiments. Those skilled in the art will envision other modifications within the scope and spirit of the application.
The accompanying drawings, which are incorporated in and constitute a part of the specification, illustrate embodiments of the application and, together with a general description of the application given above and the detailed description of the embodiments given below, serve to explain the principles of the application.
These and other characteristics of the present application will become apparent from the following description of preferred forms of embodiment, given as non-limiting examples, with reference to the attached drawings.
It is also to be understood that although the present application has been described with reference to some specific examples, those skilled in the art are able to ascertain many other equivalents to the practice of the present application.
The above and other aspects, features and advantages of the present application will become more apparent in view of the following detailed description when taken in conjunction with the accompanying drawings.
Specific embodiments of the present application are described hereinafter with reference to the accompanying drawings; however, it is to be understood that the disclosed embodiments are merely exemplary of the application, which can be embodied in various forms. Well-known and/or repeated functions and constructions are not described in detail to avoid obscuring the application of unnecessary or unnecessary detail. Therefore, specific structural and functional details disclosed herein are not to be interpreted as limiting, but merely as a basis for the claims and as a representative basis for teaching one skilled in the art to variously employ the present application in virtually any appropriately detailed structure.
The description may use the phrases "in one embodiment," "in another embodiment," "in yet another embodiment," or "in other embodiments," which may each refer to one or more of the same or different embodiments in accordance with the application.
An embodiment of the present application provides a certificate management method, as shown in fig. 1, fig. 5, and fig. 6, the method includes:
s100, acquiring a first certificate from a network end;
in this embodiment, the network side/client side of the account management system provides a visual interface to enable an administrator to manage the account password, the user, and the corresponding proxy service of the company network device. The user can log in the network equipment which the user wants to access through the account management system. The proxy service is a service that is intermediate between the account management system server and the network device. The account management system can integrate a plurality of proxy services to manage network devices in different cities, the proxy services support distributed deployment, the server of the account management system is connected to corresponding network devices through the proxy services, such as a local server connected with a cloud server and other cities, a remote desktop connected with the local server, a database, a Redis database and the like, the network devices refer to the cloud and the local server, the database, the Redis database and the like, and account passwords of the devices are given to the account management system for unified management. In this embodiment, an account management system server first obtains a first certificate from a network side, where the first certificate is used to enable a corresponding proxy service to execute a network connection function. Specifically, before establishing a connection with a network device, the account management system needs to establish a corresponding proxy service, and establishes a network connection with the network device through the proxy service. In the process of establishing the proxy service, the account management system server first obtains a first certificate from a network terminal, the first certificate is applied by a related certificate application authority, the first certificate has a function of enabling the proxy service to normally work, and specifically, the first certificate is used for enabling the corresponding proxy service to execute a network connection function. The proxy service executes a network connection function, which means that the account management system server is connected to N (N is greater than or equal to 1) network devices through a proxy service network, and in the N network devices, at least one network device is not configured with a public network IP address, that is, at least one network device is in a local area network. Through the account management system, the user can remotely manage the network devices.
S200, generating an installation package of the proxy service based on the first certificate;
in this embodiment, after the account management system server obtains the first certificate from the network side, the account management system server generates a corresponding installation package of the proxy service based on the first certificate, where the installation package of the proxy service is used for installing the proxy service. In this embodiment, the proxy service is an ELF file, the ELF file may be directly run under Linux, and the process of generating the installation package of the proxy service is a process of compressing the ELF file and the first certificate in one folder. The account management system server acquires the first certificate from the network terminal, and generates an installation package corresponding to the proxy service based on the first certificate, wherein the installation package contains the first certificate required by the proxy service. After generating an installation package for installation of a proxy service, subsequent installation of the proxy service may be performed using the installation package to establish a corresponding proxy service. The proxy service can be installed in different places, the user can uniformly manage the certificate of the proxy service through the account management system according to needs, the user can upload the certificate corresponding to the proxy service to the account management system, and an installation package corresponding to the proxy service is generated, so that the installation of the proxy service is completed.
S300, connecting to corresponding proxy service equipment through a network communication protocol, wherein the installation package of the proxy service can be used by the proxy service equipment for installing the proxy service, and storing the first certificate in the proxy service.
In this embodiment, after the account management system generates an installation package of the corresponding proxy service based on the first certificate, the account management system server is connected to the corresponding proxy service device through a network communication protocol to install the corresponding proxy service. Specifically, after the account management system server is connected with the corresponding proxy service device, the proxy service device may obtain an installation package of the proxy service from the account management system, and the installation package of the proxy service can be used by the proxy service device to install the proxy service. Under the condition that a new proxy service needs to be created, a network end firstly requests an account management system to acquire an installation package of the proxy service, then the account management system is connected to proxy service equipment through a network communication protocol SSH, so that the proxy service equipment acquires the installation package of the proxy service, the proxy service equipment utilizes the installation package of the proxy service to install the proxy service, and stores a first certificate in the proxy service and puts the first certificate to a specified position, specifically, whether the first certificate is available or not needs to be checked every time the proxy service is started, and the position checked by the proxy service is the position where the first certificate is placed.
According to the certificate management method, under the condition that proxy service needs to be established, an account management system server firstly obtains a first certificate from a network terminal, then generates an installation package of the proxy service based on the first certificate, the account management system server is connected to proxy service equipment through a network communication protocol, so that the proxy service equipment obtains the installation package of the proxy service, the proxy service equipment utilizes the installation package of the proxy service to install the proxy service, and the first certificate is stored in the proxy service. After the proxy service is established, the account management system server can establish network connection with the network equipment through the proxy service so that the user can remotely manage the network equipment at different places. Specifically, the user can set the proxy service at different places by the method, and simultaneously add the proxy service to the account management system for unified management. Account passwords of network devices at different places are added to an account management system, and accounts of the network devices can be managed through the account management system. When the network equipment is managed, only the account management system needs to log in, the server of the account management system sends a request to the corresponding proxy service, the proxy service establishes a network communication protocol link channel to the server of the account management system after receiving the request, and command transmission can be carried out through the network communication protocol link channel. In the process of establishing the proxy service, the certificate is uniformly managed through the account management system, a user only needs to upload the certificate corresponding to the proxy service to the account management system, and then the account management system server and the proxy service device cooperate to complete deployment of the proxy service certificate, so that the difficulty of managing the certificate by the user is reduced, and the reliability of the account management system is improved.
In an embodiment of the present application, as shown in fig. 2, 5 and 6, the method further includes:
s400, under the condition that the service life of the first certificate is less than a first time period, a second certificate is obtained from the network side.
In this embodiment, when the lifetime of the first certificate is less than a first time period, the account management system obtains the second certificate from the network, where the first time period is an expected valid usage time of the certificate of the proxy service. For example, the valid lifetime of the first certificate is one year, and the expected valid lifetime of the certificate of the proxy service is longer than one year, that is, when the lifetime of the first certificate does not satisfy the trial lifetime of the proxy service with respect to the corresponding proxy service, the account management system needs to acquire a second certificate that functions as the first certificate in order to maintain the use of the proxy service. The service life of the second certificate is later than that of the first certificate, that is, the account management system obtains the second certificate from the network side after the first certificate is expired or about to expire. After the account management system acquires the second certificate, the proxy service equipment acquires the second certificate from the account management system server, and can be used for storing the second certificate in the proxy service, so that the proxy service can maintain a network connection function based on the second certificate, and meanwhile, the proxy service equipment removes the expired first certificate from the proxy service.
In an embodiment of the present application, as shown in fig. 3, 5 and 6, the method further includes:
s500, acquiring a certificate updating request from a network terminal;
in this embodiment, in a case that a new proxy service needs to be established, the account management system server first obtains a certificate update request from the network side, so as to establish the new proxy service through a new certificate. Since the establishment of a new proxy service requires that an installation package be generated first, the operation of the account management system server to obtain a certificate update request provides conditions for the subsequent generation of an installation package for a new proxy service.
S600, replacing the first certificate with a third certificate based on the certificate updating request;
in this embodiment, after the account management system server obtains the certificate update request from the network side, the account management system server may replace the first certificate with a third certificate based on the certificate update request, and since the previous proxy service has already completed establishment, the first certificate corresponding to the established proxy service and stored in the account management system may be removed, where, since a new proxy service needs to be established, the account management system server may replace the first certificate with a certificate corresponding to the new proxy service, that is, the third certificate based on the certificate update request, so as to complete establishment of the new proxy service, where the third certificate is used for enabling the updated proxy service to perform a network connection function. Specifically, the newly established proxy service may perform a network connection function, and the user may remotely manage the network device corresponding to the newly established proxy service through the account management system network, the server, and the newly established proxy service.
S700, generating an updated installation package of the proxy service based on the third certificate;
in this embodiment, after the account management system acquires the third certificate from the network side, the account management system may generate, based on the third certificate, an installation package of the updated proxy service, where the installation package carries the third certificate required by the updated proxy service, and the proxy service device may install the updated proxy service based on the installation package of the updated proxy service, so that the new proxy service device completes connection, and stores the third certificate in the updated proxy service. After generating the installation package of the updated proxy service, the installation package can be utilized to perform installation of the newly established proxy service to establish the updated proxy service. The updated proxy service can be installed at a newly added place, the user can manage the certificate of the updated proxy service through the account management system, the user can upload the certificate corresponding to the updated proxy service to the account management system, and an installation package of the updated proxy service is generated, so that the installation of the updated proxy service is completed.
In an embodiment of the application, as shown in fig. 4, 5, and 6, the generating an installation package of the proxy service based on the first certificate includes:
s201, combining the executable program of the proxy service and the first certificate to form an installation package of the proxy service;
in this embodiment, after acquiring the first certificate, the account management system server may generate an installation package of the corresponding proxy service based on the first certificate, specifically, the account management system server 5 merges the executable program of the proxy service and the first certificate to form the installation package of the proxy service, and this process is to package the executable program of the proxy service and the first certificate together into one file, that is, the installation package of the proxy service, and after generating the installation package for installation of the proxy service, the installation package may be used to perform subsequent installation of the proxy service, so as to establish the corresponding proxy service.
S202, uploading the installation package of the proxy service to the proxy service equipment.
In this embodiment, after the account management system server merges the executable program of the proxy service and the first certificate to form an installation package of the proxy service, the account management system server uploads the installation package of the proxy service to the corresponding proxy service device, where the proxy service device can start the executable program of the proxy service to store the first certificate. Specifically, in the process of establishing the proxy service, the proxy service device completes the installation of the proxy service 5 by using the installation package of the proxy service, and at the same time, the proxy service device also starts the executable program of the proxy service to store the first certificate, that is, to place the first certificate in the specified position.
In an embodiment of the present application, as shown in fig. 5 and 6, the method further includes:
and logging in the target network equipment through the corresponding proxy service based on a login request aiming at the target network equipment initiated by a network terminal, wherein the proxy service is connected with the target equipment through a network link 0.
In this embodiment, after the proxy service is established, the proxy service is connected to the account management system server through a network communication protocol, and the account management system server is connected to the target network device through a proxy service network, specifically, the account management system server receives a login request of the target network device, and then the account management system server logs in the target network device through a corresponding proxy service based on a login request of the target 5 network device initiated by a network terminal/client, where the proxy service is connected to the target device through a network link. For example, the proxy service and the target device may be connected through a network communication protocol, and after the proxy service establishes connection with the target device, a user may remotely manage the network device through the account management system network terminal/client, the server and the proxy service.
0 in an embodiment of the present application, as shown in fig. 5 and 6, the method further includes:
acquiring a certificate corresponding to each proxy service from a network side, wherein the number of the certificates is multiple;
in this embodiment, since the proxy service may be set at different locations, the account management system may remotely manage network devices at different locations by using the proxy service at different locations. In the process of establishing the proxy service, the account management system may acquire a certificate corresponding to each proxy service from a network, and the account management system may establish the proxy service at different locations based on the certificate corresponding to each proxy service, where the number of certificates is multiple, and each certificate corresponds to a proxy service at different locations, and is uniformly managed by the account management system.
And updating the certificate corresponding to the proxy service or uploading a new certificate through the network terminal under the condition that the certificate needs to be updated or the proxy service needs to be increased.
In this embodiment, after the proxy service is established, when the certificate of the proxy service needs to be updated, the account management system needs to update the certificate corresponding to the proxy service, for example, the account management system server may obtain another certificate from the network side, which has the same function as the certificate after the certificate is invalidated. After the account management system server acquires a new certificate, the proxy service equipment acquires the certificate from the account management system server, and stores the certificate in the corresponding proxy service, so that the proxy service can maintain the network connection function based on the new certificate, and meanwhile, the proxy service equipment removes the expired certificate from the proxy service. When the proxy service needs to be added, that is, when a new proxy service needs to be established, the account management system server acquires a certificate of the proxy service from the network side, and then generates an installation package of the new proxy service based on the certificate, the proxy service device performs installation of the new proxy service based on the installation package of the new proxy service, so that the new proxy service device completes connection with the target network device, the new proxy service can be installed at the newly added place, and the user can manage the newly added network device connected with the newly added proxy service through the account management system.
Based on the same inventive concept, an embodiment of the present application further provides an account management system, as shown in fig. 6, including:
a general management service, and an agent service;
the overall management service is configured to:
acquiring a first certificate from a network terminal, wherein the first certificate is used for enabling a corresponding proxy service to execute a network connection function;
generating an installation package of the proxy service based on the first certificate, wherein the installation package of the proxy service is used for installation of the proxy service;
and connecting to a corresponding proxy service device through a network communication protocol, wherein the installation package of the proxy service can be used by the proxy service device to install the proxy service, and the first certificate is stored in the proxy service.
The above-described overall management service may be, for example, a software program running on the aforementioned account management system server.
In one embodiment of the present application, the overall management service is further configured to:
and under the condition that the service life of the first certificate is less than a first time period, acquiring a second certificate from a network side, wherein the service life of the second certificate is later than that of the first certificate, and the proxy service equipment can be used for storing the second certificate in the proxy service and removing the first certificate from the proxy service.
In one embodiment of the present application, the overall management service is further configured to:
acquiring a certificate updating request from a network terminal;
replacing the first certificate with a third certificate based on the certificate update request, wherein the third certificate is used for enabling the updated proxy service to execute a network connection function;
generating an installation package of the updated proxy service based on the third certificate;
the proxy service equipment can install the updated proxy service based on the installation package of the updated proxy service so that the new proxy service equipment completes connection and saves the third certificate in the updated proxy service.
In one embodiment of the present application, the overall management service is further configured to:
merging the executable program of the proxy service and the first certificate to form an installation package of the proxy service;
uploading the installation package of the proxy service to the proxy service device, wherein the proxy service device can start an executable program of the proxy service to store the first certificate.
In one embodiment of the present application, the overall management service is further configured to:
and logging in the target network equipment through the corresponding proxy service based on a login request aiming at the target network equipment initiated by a network terminal, wherein the proxy service is connected with the target equipment through a network link.
In one embodiment of the present application, the overall management service is further configured to:
acquiring a certificate corresponding to each proxy service from a network side, wherein the number of the certificates is multiple;
and updating the certificate corresponding to the proxy service or uploading a new certificate through the network terminal under the condition that the certificate needs to be updated or the proxy service needs to be increased.
Based on the same inventive concept, an embodiment of the present application further provides an electronic device, as shown in fig. 6, including:
the account management system server is connected with a network terminal and is also connected with a proxy service so as to connect corresponding network equipment through the proxy service.
Based on the same inventive concept, embodiments of the present application further provide a computer-readable storage medium, on which a computer program is stored, and the computer program, when executed by a processor, performs the steps of the above method.
Optionally, in this embodiment, the storage medium may include but is not limited to: a U-disk, a Read-only Memory (ROM), a Random Access Memory (RAM), a removable hard disk, a magnetic or optical disk, and other various media capable of storing program codes. Optionally, for a specific example in this embodiment, reference may be made to the examples described in the above embodiment and optional implementation, and this embodiment is not described herein again. It will be apparent to those skilled in the art that the steps of the present application as described above may be implemented using a general purpose computing device, they may be centralized on a single computing device or distributed across a network of computing devices, and optionally, they may be implemented using program code executable by a computing device, such that they may be stored in a memory device and executed by a computing device, and in some cases, the steps shown or described may be performed in an order different than that described herein, or they may be separately fabricated into individual integrated circuit modules, or multiple ones of them may be fabricated into a single integrated circuit module. Thus, the present application is not limited to any specific combination of hardware and software.
While the preferred embodiments of the present application have been described, additional variations and modifications in those embodiments may occur to those skilled in the art once they learn of the basic inventive concepts. Therefore, it is intended that the appended claims be interpreted as including preferred embodiments and all alterations and modifications as fall within the scope of the application.
It will be apparent to those skilled in the art that various changes and modifications may be made in the present application without departing from the spirit and scope of the application. Thus, if such modifications and variations of the present application fall within the scope of the claims of the present application and their equivalents, the present application is intended to include such modifications and variations as well.
Claims (10)
1. A method for certificate management, the method comprising:
acquiring a first certificate from a network terminal, wherein the first certificate is used for enabling a corresponding proxy service to execute a network connection function;
generating an installation package of the proxy service based on the first certificate, wherein the installation package of the proxy service is used for installation of the proxy service;
and connecting to a corresponding proxy service device through a network communication protocol, wherein the installation package of the proxy service can be used by the proxy service device for installing the proxy service, and the first certificate is stored in the proxy service.
2. The method of claim 1, wherein the method further comprises:
and under the condition that the service life of the first certificate is less than a first time period, acquiring a second certificate from a network side, wherein the service life of the second certificate is later than that of the first certificate, and the proxy service equipment can be used for storing the second certificate in the proxy service and removing the first certificate from the proxy service.
3. The method of claim 1, wherein the method further comprises:
acquiring a certificate updating request from a network terminal;
replacing the first certificate with a third certificate based on the certificate update request, wherein the third certificate is used for enabling the updated proxy service to execute a network connection function;
generating an installation package of the updated proxy service based on the third certificate;
the proxy service equipment can install the updated proxy service based on the installation package of the updated proxy service so that the new proxy service equipment completes connection and saves the third certificate in the updated proxy service.
4. The method of claim 1, wherein generating the installation package for the proxy service based on the first certificate comprises:
merging the executable program of the proxy service and the first certificate to form an installation package of the proxy service;
uploading the installation package of the proxy service to the proxy service device, wherein the proxy service device can start an executable program of the proxy service to save the first certificate.
5. The method of claim 1, wherein the method further comprises:
and logging in the target network equipment through the corresponding proxy service based on a login request aiming at the target network equipment initiated by a network terminal, wherein the proxy service is connected with the target equipment through a network link.
6. The method of claim 1, wherein the method further comprises:
acquiring a certificate corresponding to each proxy service from a network side, wherein the number of the certificates is multiple;
and updating the certificate corresponding to the proxy service or uploading a new certificate through the network terminal under the condition that the certificate needs to be updated or the proxy service needs to be increased.
7. An account management system of a network device, comprising:
a general management service, and an agent service;
the overall management service is configured to:
acquiring a first certificate from a network terminal, wherein the first certificate is used for enabling a corresponding proxy service to execute a network connection function;
generating an installation package of the proxy service based on the first certificate, wherein the installation package of the proxy service is used for installation of the proxy service;
and connecting to a corresponding proxy service device through a network communication protocol, wherein the installation package of the proxy service can be used by the proxy service device for installing the proxy service, and the first certificate is stored in the proxy service.
8. The system of claim 7,
the overall management service is further configured to:
and under the condition that the service life of the first certificate is less than a first time period, acquiring a second certificate from a network side, wherein the service life of the second certificate is later than that of the first certificate, and the proxy service equipment can be used for storing the second certificate in the proxy service and removing the first certificate from the proxy service.
9. An electronic device, comprising: the account management system server is connected with a network terminal, is also connected with a proxy service so as to connect corresponding network equipment through the proxy service, and is used for realizing the method of any one of claims 1 to 6.
10. A computer-readable storage medium, characterized in that a computer program is stored on the computer-readable storage medium, which computer program, when being executed by a processor, performs the steps of the method according to any one of claims 1 to 6.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211700241.8A CN115987527B (en) | 2022-12-28 | 2022-12-28 | Certificate management method, account management system of network equipment and electronic equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211700241.8A CN115987527B (en) | 2022-12-28 | 2022-12-28 | Certificate management method, account management system of network equipment and electronic equipment |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN115987527A true CN115987527A (en) | 2023-04-18 |
| CN115987527B CN115987527B (en) | 2024-04-12 |
Family
ID=85964464
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202211700241.8A Active CN115987527B (en) | 2022-12-28 | 2022-12-28 | Certificate management method, account management system of network equipment and electronic equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115987527B (en) |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20050071630A1 (en) * | 2003-08-15 | 2005-03-31 | Imcentric, Inc. | Processing apparatus for monitoring and renewing digital certificates |
| CN106953859A (en) * | 2017-03-17 | 2017-07-14 | 郑州云海信息技术有限公司 | A kind of ssl protocol collocation method of WebLogic clusters |
| US20190288985A1 (en) * | 2018-03-16 | 2019-09-19 | Lightspeed Systems, Inc. | User device-based enterprise web filtering |
| CN113721931A (en) * | 2021-11-02 | 2021-11-30 | 苏州万店掌软件技术有限公司 | Automatic service deployment method, system and computer readable storage medium |
| CN114157432A (en) * | 2021-11-25 | 2022-03-08 | 上海派拉软件股份有限公司 | Digital certificate acquisition method, device, electronic equipment, system and storage medium |
| CN115002203A (en) * | 2021-03-02 | 2022-09-02 | 京东科技信息技术有限公司 | Data packet capturing method, device, equipment and computer readable medium |
-
2022
- 2022-12-28 CN CN202211700241.8A patent/CN115987527B/en active Active
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20050071630A1 (en) * | 2003-08-15 | 2005-03-31 | Imcentric, Inc. | Processing apparatus for monitoring and renewing digital certificates |
| CN106953859A (en) * | 2017-03-17 | 2017-07-14 | 郑州云海信息技术有限公司 | A kind of ssl protocol collocation method of WebLogic clusters |
| US20190288985A1 (en) * | 2018-03-16 | 2019-09-19 | Lightspeed Systems, Inc. | User device-based enterprise web filtering |
| CN115002203A (en) * | 2021-03-02 | 2022-09-02 | 京东科技信息技术有限公司 | Data packet capturing method, device, equipment and computer readable medium |
| CN113721931A (en) * | 2021-11-02 | 2021-11-30 | 苏州万店掌软件技术有限公司 | Automatic service deployment method, system and computer readable storage medium |
| CN114157432A (en) * | 2021-11-25 | 2022-03-08 | 上海派拉软件股份有限公司 | Digital certificate acquisition method, device, electronic equipment, system and storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN115987527B (en) | 2024-04-12 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN101515926B (en) | Device management method for device management system | |
| EP1978672B1 (en) | Method for implementing management software, hardware with pre-configured software and implementing method thereof | |
| CN112261172B (en) | Service addressing access method, device, system, equipment and medium | |
| US11212273B1 (en) | Central cryptographic management for computer systems | |
| CN106657259B (en) | Routing server and routing service method for server cluster | |
| US11245577B2 (en) | Template-based onboarding of internet-connectible devices | |
| CN109299333B (en) | Block chain network account book member management method, device, equipment and storage medium | |
| CN102164122A (en) | Mediation apparatus, installation system, installation method, and installation program | |
| CN113595782B (en) | Network equipment management method based on SDN | |
| CN112788031A (en) | Envoy architecture-based micro-service interface authentication system, method and device | |
| CN109522042A (en) | A kind of patch update method, system and associated component | |
| CN102347939B (en) | The method of software administration, Apparatus and system | |
| CN111865992A (en) | ACME centralized management system and load balancing method thereof | |
| CN111522625A (en) | Cloud data online evidence obtaining system and method | |
| CN111371615A (en) | Online server, updating method and system of operation and maintenance tool and readable storage medium | |
| CN107508810B (en) | Authentication management method, device and system based on mobile office application | |
| CN110324191B (en) | Hybrid cloud deployment method, device and system | |
| CN115987527A (en) | Certificate management method, account management system of network equipment and electronic equipment | |
| CN115150162B (en) | Root certificate updating method and device | |
| CN115733666A (en) | Password management method and device, electronic equipment and readable storage medium | |
| CN112367415B (en) | Generation method and device of attribute information, electronic equipment and computer readable medium | |
| US11075897B2 (en) | System and method for communicating with a service processor | |
| KR101087145B1 (en) | Provision management system and method for bulk setting provision profile in the system | |
| CN112000540A (en) | Monitoring processing method, system, equipment and storage medium for distributed deployment products | |
| CN116614323B (en) | Cloud storage enterprise network management method and system based on Rclone |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |