TWM618092U - Certificate management system for automated domain verification - Google Patents

Info

Publication number
TWM618092U
Authority
TW
Taiwan
Prior art keywords
certificate
application
module
domain
server
Application number
TW110204538U
Other languages
Chinese (zh)
Inventor
林志能
周彥均
Original Assignee
臺灣網路認證股份有限公司
Application filed by 臺灣網路認證股份有限公司
Priority to TW110204538U
Publication of TWM618092U

Landscapes

  • Information Transfer Between Computers (AREA)

Abstract

A certificate management system for automated domain verification. A domain administrator device downloads and installs an automated certificate application program from a certificate server. When at least one certificate application request passes review, the certificate server provides an Automatic Certificate Management Environment (ACME) application link to the automated certificate application program, which follows the link to connect to an ACME service server and provides the at least one certificate application request. For each certificate application request, the ACME service server generates a random value and a list of placement locations and returns them to the automated certificate application program. The automated certificate application program places the corresponding random value in the corresponding domain at each placement location in the list. The ACME service server then connects to each corresponding domain according to the at least one certificate application request to verify the domain. After verification succeeds, the certificate server generates a domain certificate according to the corresponding certificate application request, and the automated certificate application program follows a certificate download link to connect to the certificate server and download the corresponding domain certificate. This achieves the technical effect of reducing the verification time of domain verification in domain certificate applications and improving verification efficiency.

Description

Certificate management system for automated domain verification

A certificate management system, and in particular a certificate management system for automated domain verification that performs the automated domain verification through an Automatic Certificate Management Environment (ACME) service server.

In existing domain certificate applications, it must first be verified whether the certificate applicant legitimately owns the domain, and the existing domain verification process requires the certificate applicant and the certificate issuer to carry out complicated domain configuration and domain verification.

In the existing domain verification process, after the certificate applicant submits an application, the certificate issuer asks the applicant to place the information the issuer requires at a designated path of the domain, in a Domain Name System record, and so on. After the applicant has placed the required information at the designated path of the domain, in the Domain Name System record, and so on, the applicant must wait for the issuer to verify whether the applicant legitimately owns the domain. Only after the issuer confirms that the applicant legitimately owns the domain does it issue a domain certificate for the domain the applicant applied for.

Existing domain certificate applications often spend too much time verifying whether the certificate applicant legitimately owns the domain, and a large volume of domain certificate applications also makes that verification burdensome.

In summary, the prior art has long had the problem that, for domain certificate applications, verifying whether the certificate applicant legitimately owns the domain takes too much time and the verification process is inconvenient. It is therefore necessary to propose improved technical means to solve this problem.

In view of the prior-art problem that, for domain certificate applications, verifying whether the certificate applicant legitimately owns the domain takes too much time and the verification process is inconvenient, the present creation discloses a certificate management system for automated domain verification, wherein: the certificate management system for automated domain verification disclosed in the present creation comprises a domain administrator device, a certificate server and an Automatic Certificate Management Environment (ACME) service server. The domain administrator device downloads and installs an automated certificate application program from the certificate server, and the automated certificate application program further comprises: a device receiving module, a device generating module, a device connection module, a placement module and a device transmitting module. The certificate server establishes a connection with the automated certificate application program, and the certificate server further comprises: a certificate receiving module, a review module, a certificate generating module and a certificate transmitting module. The ACME service server further comprises: a server receiving module, a server generating module, a verification module and a server transmitting module.

The device receiving module receives at least one piece of certificate application information and receives the Automatic Certificate Management Environment (ACME) application link. The device generating module is connected to the device receiving module and generates at least one certificate application request according to the at least one piece of certificate application information. The device connection module, when the ACME application link is triggered, connects to the ACME service server and provides the at least one certificate application request to the ACME service server; receives the random value and the list of placement locations corresponding to the at least one certificate application request; receives the verification success response corresponding to the at least one certificate application request and sends a certificate download request corresponding to the at least one certificate application request; receives the certificate download link corresponding to the at least one certificate application request; and, when the certificate download link is triggered, connects to the certificate server to download the domain certificate corresponding to the at least one certificate application request. The placement module is connected to the device connection module and places the corresponding random value in the corresponding domain at each placement location in the list of placement locations. The device transmitting module sends the at least one certificate application request and, after the placement module has finished placing the random value in the corresponding domain, sends the corresponding placement-complete response.

The certificate receiving module receives the at least one certificate application request from the device transmitting module and receives the verification success response corresponding to the at least one certificate application request. The review module is connected to the certificate receiving module and reviews the at least one certificate application request. The certificate generating module generates a domain certificate according to the corresponding certificate application request when the certificate receiving module receives the corresponding verification success response. The certificate transmitting module sends the ACME application link to the device receiving module when the at least one certificate application request passes review.

The server receiving module receives the at least one certificate application request from the device connection module, receives the corresponding placement-complete response from the device transmitting module, and receives the certificate download request corresponding to the at least one certificate application request from the device connection module. The server generating module generates a random value and a list of placement locations for each of the at least one certificate application request, and generates the corresponding certificate download link according to the certificate download request. The verification module is connected to the server receiving module; according to the at least one certificate application request it connects to each corresponding domain and, for each placement location in the corresponding list of placement locations, verifies whether a random value is present and whether the random value is correct. The server transmitting module sends the corresponding random value and list of placement locations to the device connection module; when the random value placed at every placement location in the list is verified successfully in the corresponding domain, it sends the corresponding verification success response to the device connection module and to the certificate receiving module; and it sends the certificate download link to the device connection module.

The system disclosed in the present creation is as described above. It differs from the prior art in that the domain administrator device downloads and installs the automated certificate application program from the certificate server; when at least one certificate application request passes review, the certificate server provides the ACME application link to the automated certificate application program, which follows the link to connect to the ACME service server and provides the at least one certificate application request; the ACME service server generates a random value and a list of placement locations for each certificate application request; the automated certificate application program places the corresponding random value in the corresponding domain at each placement location in the list; the ACME service server then connects to each corresponding domain according to the at least one certificate application request to verify the domain; after verification succeeds, the certificate server generates a domain certificate according to the corresponding certificate application request; and the automated certificate application program follows the certificate download link to connect to the certificate server and download the corresponding domain certificate.

Through the above technical means, the present creation achieves the technical effect of reducing the verification time of domain verification in domain certificate applications and improving verification efficiency.

10: Domain administrator device

11: Automated certificate application program

12: Device receiving module

13: Device generating module

14: Device connection module

15: Placement module

16: Device transmitting module

20: Certificate server

21: Certificate receiving module

22: Review module

23: Certificate generating module

24: Certificate transmitting module

30: ACME service server

31: Server receiving module

32: Server generating module

33: Verification module

34: Server transmitting module

41: Certificate application request

42: ACME application link

43: Random value

44: List of placement locations

45: Placement-complete response

46: Verification success response

47: Domain certificate

48: Certificate download request

49: Certificate download link

Step 101: The domain administrator device downloads and installs the automated certificate application program from the certificate server

Step 102: The domain administrator device receives at least one piece of certificate application information and generates at least one certificate application request according to it

Step 103: The domain administrator device sends the at least one certificate application request to the certificate server through the automated certificate application program

Step 104: The certificate server reviews each of the at least one certificate application request

Step 105: When the at least one certificate application request passes review, the certificate server provides the ACME application link to the automated certificate application program

Step 106: The domain administrator device, through the automated certificate application program, follows the ACME application link to connect to the ACME service server and provides the at least one certificate application request

Step 107: The ACME service server generates a random value and a list of placement locations for each of the at least one certificate application request

Step 108: The ACME service server returns the corresponding random value and list of placement locations to the automated certificate application program

Step 109: The automated certificate application program places the corresponding random value in the corresponding domain at each placement location in the list of placement locations

Step 110: After the automated certificate application program has finished placing the random value in the corresponding domain, it returns the corresponding placement-complete response to the ACME service server

Step 111: The ACME service server then connects to each corresponding domain according to the at least one certificate application request and, for each placement location in the corresponding list of placement locations, verifies whether a random value is present and whether the random value is correct

Step 112: When the random value placed at every placement location in the list is verified successfully in the corresponding domain, the ACME service server returns the corresponding verification success response to the automated certificate application program and to the certificate server

Step 113: When the certificate server receives the verification success response, the certificate server generates a domain certificate according to the corresponding certificate application request

Step 114: The automated certificate application program sends a certificate download request corresponding to the at least one certificate application request to the ACME service server

Step 115: The ACME service server generates the corresponding certificate download link according to the certificate download request and returns it to the automated certificate application program

Step 116: The automated certificate application program follows the certificate download link to connect to the certificate server and download the corresponding domain certificate
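The challenge exchange of steps 107 to 112, sketched as an added Python example (not code from the patent or its assignee). The class names, the location strings and the in-memory `FakeDomainHost` that stands in for fetching from a live domain are assumptions, as is discarding a challenge after one successful verification.

```python
import hmac
import secrets
from dataclasses import dataclass


@dataclass
class Challenge:
    """Random value (43) and list of placement locations (44) for one request (41)."""
    domain: str
    random_value: str
    locations: list


class FakeDomainHost:
    """Constructed stand-in for what a verifier would fetch from the domain."""

    def __init__(self):
        self._content = {}  # (domain, location) -> published value

    def publish(self, domain, location, value):
        self._content[(domain, location)] = value

    def fetch(self, domain, location):
        return self._content.get((domain, location))  # None when nothing is there


class ValidationServer:
    """Plays the ACME service server (30) for steps 107, 108, 111 and 112."""

    # Hypothetical location names; the page does not specify any.
    DEFAULT_LOCATIONS = (
        "http:/.well-known/domain-validation/token.txt",
        "dns-txt:_domain-validation",
    )

    def __init__(self, host):
        self._host = host
        self._pending = {}  # domain -> Challenge, kept on the server side

    def issue_challenge(self, domain):
        # Step 107: a fresh, unpredictable value per request (256 bits of entropy).
        ch = Challenge(domain, secrets.token_urlsafe(32), list(self.DEFAULT_LOCATIONS))
        self._pending[domain] = ch
        return ch  # Step 108: returned to the application program

    def verify(self, domain):
        # Step 111: compare against the server's own stored copy, never against
        # a value the client reports back.
        ch = self._pending.get(domain)
        if ch is None:
            return False, ["no challenge issued"]
        failures = []
        for loc in ch.locations:
            found = self._host.fetch(domain, loc)
            if found is None:
                failures.append(f"{loc}: missing")
            elif not hmac.compare_digest(found.encode(), ch.random_value.encode()):
                failures.append(f"{loc}: wrong value")
        if failures:
            return False, failures  # every location must pass, not just one
        del self._pending[domain]  # assumption: a challenge is single use
        return True, []  # Step 112: verification success


def place_random_values(host, challenge):
    """Step 109: the application program sets the value at each listed location."""
    for loc in challenge.locations:
        host.publish(challenge.domain, loc, challenge.random_value)


if __name__ == "__main__":
    host = FakeDomainHost()
    server = ValidationServer(host)
    ch = server.issue_challenge("example.test")
    print("before placement:", server.verify("example.test"))
    place_random_values(host, ch)
    print("after placement: ", server.verify("example.test"))
```
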

Figure 1A is a system block diagram of the certificate management system for automated domain verification of the present creation.

Figure 1B is a schematic diagram of the components of the device and servers referred to in the present creation.

Figure 2 is a schematic diagram of the information flow of the certificate management for automated domain verification of the present creation.

Figures 3A to 3C are flowcharts of the certificate management method for automated domain verification of the present creation.

The implementation of the present creation is described in detail below with reference to the drawings and embodiments, so that the process by which the present creation applies technical means to solve the technical problem and achieve the technical effect can be fully understood and implemented accordingly.

The certificate management system for automated domain verification disclosed in the present creation is described first. Please refer to Figure 1A, which is a system block diagram of the certificate management system for automated domain verification of the present creation.

The certificate management system for automated domain verification disclosed in the present creation comprises: a domain administrator device 10, a certificate server 20 and an ACME service server 30. The domain administrator device 10 downloads and installs an automated certificate application program 11 from the certificate server 20, and the automated certificate application program 11 further comprises: a device receiving module 12, a device generating module 13, a device connection module 14, a placement module 15 and a device transmitting module 16. The certificate server 20 establishes a connection with the automated certificate application program 11, and the certificate server 20 further comprises: a certificate receiving module 21, a review module 22, a certificate generating module 23 and a certificate transmitting module 24. The ACME service server 30 further comprises: a server receiving module 31, a server generating module 32, a verification module 33 and a server transmitting module 34.

The domain administrator device 10, the certificate server 20 and the ACME service server 30 are all different forms of computing device. They tend to emphasize properties of the computing device such as computing performance and data security protection, but this does not mean that they disregard the other capabilities of the computing device. This is given only as an example and does not limit the scope of application of the present creation.

Please refer to Figure 1B, which is a schematic diagram of the components of the device and servers referred to in the present creation.

The computing device referred to in the present creation includes, but is not limited to, hardware components such as one or more processors 501, one or more memory modules 502 and a bus 503, where the bus 503 can connect the different hardware components. Through these hardware components, the computing device can load and execute an operating system so that the operating system runs on the computing device, and can also execute software or programs. The computing device also includes a housing 509, inside which the above hardware components are arranged.

The bus 503 of the computing device referred to in the present creation may comprise one or more types, for example a data bus, an address bus, a control bus, an expansion bus and/or a local bus. The buses of the computing device include, but are not limited to, the parallel Industry Standard Architecture (ISA) bus, Peripheral Component Interconnect (PCI) bus and Video Electronics Standards Association (VESA) local bus, and the serial Universal Serial Bus (USB) and PCI Express (PCI-E) bus.

The processor 501 of the computing device referred to in the present creation is coupled to the bus 503. The processor 501 includes a register set or register space, which may be located entirely on the processing chip, or wholly or partly outside the processing chip and coupled to the processor through dedicated electrical connections and/or through the bus. The processor 501 may be a processing unit, a microprocessor or any suitable processing element. If the computing device is a multi-processor device, that is, it contains multiple processors, the processors it contains are all the same or similar and are coupled and communicate through the bus. The processor 501 can interpret a sequence of instructions to carry out specific operations, for example mathematical operations, logical operations, data comparison and copying or moving data, in order to run the operating system or execute various programs, modules and/or components.

The processor 501 of the computing device may be coupled to a chipset or electrically connected to the chipset through the bus 503. The chipset consists of one or more integrated circuits (ICs) and includes a memory controller and a peripheral input/output (I/O) controller; that is, the memory controller and the peripheral I/O controller may be contained in one integrated circuit or implemented with two or more integrated circuits. The chipset usually provides I/O and memory management functions as well as a number of general-purpose and/or special-purpose registers, timers and so on, which can be accessed or used by the one or more processors coupled or electrically connected to the chipset.

The processor 501 of the computing device can also access, through the memory controller, data in the memory module 502 installed on the computing device and in the mass storage area. The memory module 502 includes any type of volatile memory and/or non-volatile memory (NVRAM), for example static random access memory (SRAM), dynamic random access memory (DRAM), flash memory and read-only memory (ROM). The mass storage area may include any type of storage device or storage medium, for example a hard disk drive, optical disc, flash drive (flash memory), memory card, solid state disk (SSD) or any other storage device. In other words, the memory controller can access data in static random access memory, dynamic random access memory, flash memory, hard disk drives and solid state disks.

The processor 501 of the computing device can also connect to and communicate with peripheral devices or interfaces such as peripheral output devices, peripheral input devices, communication interfaces and a GPS receiver, through the peripheral I/O controller and via the bus 503. A peripheral input device may be any type of input device, for example a keyboard, mouse, trackball, touchpad or joystick. A peripheral output device may be any type of output device, for example a display or printer. The peripheral input device and peripheral output device may also be the same device, for example a touch screen. The communication interface may include a wireless communication interface and/or a wired communication interface. The wireless communication interface may include interfaces supporting wireless local area networks such as Wi-Fi and Zigbee, Bluetooth, infrared, near field communication (NFC), mobile communication networks such as 3G/4G/5G, or other wireless data transmission protocols. The wired communication interface may be an Ethernet device, an Asynchronous Transfer Mode (ATM) device, a DSL modem, a cable modem and so on. The processor 501 can periodically poll the various peripheral devices and interfaces, so that the computing device can input and output data through them and can also communicate with another computing device having the components described above.

The modules of the domain administrator device 10, the certificate server 20 and the ACME service server 30 are usually produced when the processor 501 in the respective computing device executes a specific program loaded into the memory module 502, or are contained in the processor 501.

The domain administrator device 10 is, for example, an ordinary computer, a notebook computer and so on; this is given only as an example and does not limit the scope of application of the present creation. The domain administrator device 10, the certificate server 20 and the ACME service server 30 establish connections with one another by wired or wireless transmission. The wired transmission is, for example, a cable network, an optical fiber network and so on; the wireless transmission is, for example, Wi-Fi, a mobile communication network (for example 3G, 4G, 5G and so on) and so on. This is given only as an example and does not limit the scope of application of the present creation.

Please refer to "Figure 1A" and "Figure 2" together. "Figure 2" is a schematic diagram of the information flow of the certificate management for automated domain verification of this creation.

When the domain administrator needs to apply for a certificate for a domain, the application can be made automatically through the automated certificate application program 11, which the domain administrator device 10 has downloaded from the certificate server 20 and installed. The domain administrator enters at least one piece of certificate application information through the user interface provided by the automated certificate application program 11. The certificate application information includes basic information, contact information, payment information, etc.; this is only an example and does not limit the scope of application of this creation.

Once the domain administrator has entered the at least one piece of certificate application information in the user interface, the device receiving module 12 receives it. When the device receiving module 12 receives the at least one piece of certificate application information, the device generation module 13 generates at least one corresponding certificate application request 41, and the device transmission module 16 then transmits the at least one certificate application request 41 to the certificate receiving module 21.

When the certificate receiving module 21 receives the at least one certificate application request 41 from the device transmission module 16, the review module 22 reviews the at least one certificate application request 41. The review module 22 reviews the basic information, contact information, payment information, etc. in the certificate application information, for example by confirming the contact person with a one-time password sent by text message to the mobile phone number in the contact information, or by confirming that the remittance amount is correct from the receiving account, sending account, and remittance amount in the payment information; these are only examples and do not limit the scope of application of this creation.

When the at least one certificate application request 41 passes the review by the review module 22, the certificate transmission module 24 transmits the automated certificate management environment application link 42 to the device receiving module 12, which receives it. When the automated certificate management environment application link 42 is triggered by the domain administrator, the device connection module 14 connects to the automated certificate management environment service server 30 and provides the at least one certificate application request 41 to it.

When the server receiving module 31 receives the at least one certificate application request 41 from the device connection module 14, the server generation module 32 generates a random value 43 and a setting location list 44 for each of the at least one certificate application request 41. The setting location list 44 contains at least one setting location. A setting location is, for example, a designated path of the domain, a domain name system record (DNS record), etc.; these are only examples and do not limit the scope of application of this creation.

It is worth noting that every setting location in the setting location list 44 can be given the same random value 43, or each setting location in the setting location list 44 can be given a different random value 43. Specifically, the random value 43 set at the designated path of the domain is 123456 and the random value 43 set in the DNS record is 123456, or the random value 43 set at the designated path of the domain is 123456 and the random value 43 set in the DNS record is 654321; this is only an example and does not limit the scope of application of this creation. The server generation module 32 can generate the random value 43 either by computing a random value directly or by computing the random value 43 from the corresponding certificate application request 41; this is only an example and does not limit the scope of application of this creation.

When the server generation module 32 has generated the random value 43 and the setting location list 44 for each of the at least one certificate application request 41, the server transmission module 34 transmits the random value 43 and the setting location list 44 corresponding to the at least one certificate application request 41 to the device connection module 14. When the device connection module 14 receives them from the server transmission module 34, the setting module 15 sets the corresponding random value 43 in the corresponding domain according to each setting location in the setting location list 44.

Once the setting module 15 has set the corresponding random value 43 in the corresponding domain according to each setting location in the setting location list 44, that is, once the setting module 15 has completed the setting of the random value 43 for the corresponding domain, the device transmission module 16 transmits a setting completion response 45 corresponding to the at least one certificate application request 41 to the server receiving module 31.

When the server receiving module 31 receives the setting completion response 45 corresponding to the at least one certificate application request 41 from the device transmission module 16, the verification module 33 connects to the corresponding domain for each of the at least one certificate application request 41 and, for each setting location in the corresponding setting location list 44, verifies whether the random value 43 is present and whether the random value 43 is correct.

When the random value 43 set at every setting location in the setting location list 44 in the corresponding domain has been verified successfully by the verification module 33, the server transmission module 34 transmits a verification success response 46 corresponding to the at least one certificate application request 41 to both the device connection module 14 and the certificate receiving module 21.

When the certificate receiving module 21 receives the verification success response 46 corresponding to the at least one certificate application request 41 from the server transmission module 34, the certificate generation module 23 generates the domain certificate 47 according to the corresponding at least one certificate application request 41.

When the device connection module 14 receives the verification success response 46 corresponding to the at least one certificate application request 41 from the server transmission module 34, the device connection module 14 transmits a certificate download request 48 corresponding to the at least one certificate application request 41 to the server receiving module 31. When the server receiving module 31 receives the certificate download request 48 from the device connection module 14, the server generation module 32 generates a corresponding certificate download link 49 according to the certificate download request 48.

When the server generation module 32 has generated the corresponding certificate download link 49 according to the certificate download request 48, the server transmission module 34 transmits the certificate download link 49 to the device connection module 14. When the certificate download link 49 is triggered, the automated certificate application program 11 connects to the certificate server 20 to download the domain certificate 47 corresponding to the at least one certificate application request 41.

Next, the operation of this creation is described below. Please refer to "Figure 3A" through "Figure 3C" together, which show a flow chart of the method of certificate management for automated domain verification of this creation.

First, the domain administrator device downloads and installs the automated certificate application program from the certificate server (step 101); next, the domain administrator device receives at least one piece of certificate application information and generates at least one corresponding certificate application request (step 102); next, the domain administrator device transmits the at least one certificate application request to the certificate server through the automated certificate application program (step 103); next, the certificate server reviews each of the at least one certificate application request (step 104); next, when the at least one certificate application request passes review, the certificate server provides the automated certificate management environment application link to the automated certificate application program (step 105); next, the domain administrator device, through the automated certificate application program, follows the automated certificate management environment application link to connect to the automated certificate management environment service server and provides the at least one certificate application request (step 106); next, the automated certificate management environment service server generates a random value and a setting location list for each of the at least one certificate application request (step 107); next, the automated certificate management environment service server returns the corresponding random value and setting location list to the automated certificate application program (step 108); next, the automated certificate application program sets the corresponding random value in the corresponding domain according to each setting location in the setting location list (step 109); next, once the automated certificate application program has completed the setting of the random value for the corresponding domain, it returns a corresponding setting completion response to the automated certificate management environment service server (step 110); next, the automated certificate management environment service server connects to the corresponding domain for each of the at least one certificate application request and, for each setting location in the corresponding setting location list, verifies whether the random value is present and whether the random value is correct (step 111); next, when the random value set at every setting location in the setting location list in the corresponding domain is verified successfully, the automated certificate management environment service server returns a corresponding verification success response to both the automated certificate application program and the certificate server (step 112); next, when the certificate server receives the verification success response, the certificate server generates the domain certificate according to the corresponding at least one certificate application request (step 113); next, the automated certificate application program transmits a certificate download request corresponding to the at least one certificate application request to the automated certificate management environment service server (step 114); next, the automated certificate management environment service server generates a corresponding certificate download link according to the certificate download request and returns it to the automated certificate application program (step 115); finally, the automated certificate application program follows the certificate download link to connect to the certificate server and download the corresponding domain certificate (step 116).
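The server-side generation and verification in steps 107 to 111, as an added Python example that is not code from the patent or its applicant. The domain is simulated in memory so the example runs offline, and the location labels, class names, and function names are assumptions.

```python
"""Added example: random-value domain validation (steps 107, 109, 111).

All identifiers are hypothetical. The applicant's domain is simulated in
memory; a real verifier would fetch the path over HTTP and query DNS.
"""
import hmac
import secrets
from dataclasses import dataclass, field

# Constructed setting locations. The page names only "designated path of the
# domain" and "DNS record"; the concrete strings are assumptions.
HTTP_PATH = "http-path:/validation/token.txt"
DNS_TXT = "dns-txt:_validation"


@dataclass
class Challenge:
    domain: str
    # setting location -> random value expected at that location
    expected: dict = field(default_factory=dict)


def issue_challenge(domain, locations, distinct=False):
    """Step 107: generate the random value(s) and the setting location list."""
    if not locations:
        # An empty list would make verification pass vacuously.
        raise ValueError("setting location list needs at least one location")
    shared = secrets.token_urlsafe(32)
    expected = {
        loc: (secrets.token_urlsafe(32) if distinct else shared)
        for loc in locations
    }
    return Challenge(domain, expected)


class SimulatedDomain:
    """Stands in for the applicant's web root and DNS zone."""

    def __init__(self, name):
        self.name = name
        self._store = {}

    def place(self, location, value):
        """Step 109, applicant side: set the random value at a location."""
        self._store[location] = value

    def fetch(self, location):
        """What the verifier reads back; None when nothing is set."""
        return self._store.get(location)


def verify_challenge(challenge, domain):
    """Step 111: each location must hold a value, and it must be correct."""
    if domain.name != challenge.domain:
        return False, {"*": "domain mismatch"}
    results = {}
    for loc, want in challenge.expected.items():
        got = domain.fetch(loc)
        if got is None:
            results[loc] = "missing"
        elif hmac.compare_digest(got.encode(), want.encode()):
            results[loc] = "ok"
        else:
            results[loc] = "wrong value"
    ok = bool(results) and all(r == "ok" for r in results.values())
    return ok, results


def run_demo():
    """Walk one request through partial, incorrect and complete settings."""
    site = SimulatedDomain("example.test")
    ch = issue_challenge("example.test", [HTTP_PATH, DNS_TXT], distinct=True)
    # Only one of the two locations is set: verification must fail.
    site.place(HTTP_PATH, ch.expected[HTTP_PATH])
    partial = verify_challenge(ch, site)
    # The other location holds a value meant for a different location.
    site.place(DNS_TXT, ch.expected[HTTP_PATH])
    mismatched = verify_challenge(ch, site)
    # Every location holds its own value: the success response may be sent.
    site.place(DNS_TXT, ch.expected[DNS_TXT])
    complete = verify_challenge(ch, site)
    return partial, mismatched, complete


if __name__ == "__main__":
    for ok, detail in run_demo():
        print(ok, detail)
```

The verification success response of step 112 corresponds to `verify_challenge` returning `True`, which requires every location in the list to pass.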

In summary, the difference between this creation and the prior art is that the domain administrator device downloads and installs the automated certificate application program from the certificate server; when at least one certificate application request passes review, the certificate server provides the automated certificate management environment application link to the automated certificate application program, which follows the link to connect to the automated certificate management environment service server and provides the at least one certificate application request; the automated certificate management environment service server generates a random value and a setting location list for each of the at least one certificate application request; the automated certificate application program sets the corresponding random value in the corresponding domain according to each setting location in the setting location list; the automated certificate management environment service server then connects to the corresponding domain for each of the at least one certificate application request to verify the domain; when verification succeeds, the certificate server generates the domain certificate according to the corresponding at least one certificate application request; and the automated certificate application program then follows the certificate download link to connect to the certificate server and download the corresponding domain certificate.

This technical means solves the problem in the prior art that, for domain certificate applications, verifying whether the certificate applicant legitimately owns the domain takes too much time and the verification process is inconvenient, and thereby achieves the technical effect of reducing the domain verification time of domain certificate applications and improving verification efficiency.

Although the embodiments disclosed in this creation are as described above, the content described is not intended to directly limit the scope of patent protection of this creation. Any person with ordinary knowledge in the technical field to which this creation belongs may make minor changes to the form and details of implementation without departing from the spirit and scope disclosed in this creation. The scope of patent protection of this creation shall still be as defined by the appended claims.

10: Domain administrator device

11: Automated certificate application program

12: Device receiving module

13: Device generation module

14: Device connection module

15: Setting module

16: Device transmission module

20: Certificate server

21: Certificate receiving module

22: Review module

23: Certificate generation module

24: Certificate transmission module

30: Automated certificate management environment service server

31: Server receiving module

32: Server generation module

33: Verification module

34: Server transmission module

Claims (5)

A certificate management system for automated domain verification, comprising: a domain administrator device that downloads and installs an automated certificate application program from a certificate server, the automated certificate application program further comprising: a device receiving module for receiving at least one piece of certificate application information and receiving an automated certificate management environment (Automatic Certificate Management Environment, ACME) application link; a device generation module, connected to the device receiving module, for generating at least one certificate application request corresponding to the at least one piece of certificate application information; a device connection module for, when the automated certificate management environment application link is triggered, connecting to an automated certificate management environment service server and providing the at least one certificate application request to the automated certificate management environment service server, receiving a random value and a setting location list corresponding to the at least one certificate application request, receiving a verification success response corresponding to the at least one certificate application request and transmitting a certificate download request corresponding to the at least one certificate application request, receiving a certificate download link corresponding to the at least one certificate application request, and, when the certificate download link is triggered, connecting to the certificate server to download a domain certificate corresponding to the at least one certificate application request; a setting module, connected to the device connection module, for setting the corresponding random value in the corresponding domain according to each setting location in the setting location list; and a device transmission module that transmits the at least one certificate application request and, after the setting module has completed the setting of the random value for the corresponding domain, transmits a corresponding setting completion response; the certificate server, which establishes a connection with the automated certificate application program, the certificate server further comprising: a certificate receiving module for receiving the at least one certificate application request from the device transmission module and receiving the verification success response corresponding to the at least one certificate application request; a review module, connected to the certificate receiving module, for reviewing the at least one certificate application request; a certificate generation module for generating the domain certificate according to the corresponding at least one certificate application request when the certificate receiving module receives the corresponding verification success response; and a certificate transmission module that, when the at least one certificate application request passes review, transmits the automated certificate management environment application link to the device receiving module; and the automated certificate management environment service server, further comprising: a server receiving module for receiving the at least one certificate application request from the device connection module, receiving the corresponding setting completion response from the device transmission module, and receiving the certificate download request corresponding to the at least one certificate application request from the device connection module; a server generation module for generating the random value and the setting location list for each of the at least one certificate application request, and generating a corresponding certificate download link according to the certificate download request; a verification module, connected to the server receiving module, that connects to the corresponding domain for each of the at least one certificate application request and, for each setting location in the corresponding setting location list, verifies whether the random value is present and whether the random value is correct; and a server transmission module for transmitting the corresponding random value and setting location list to the device connection module, transmitting, when the random value set at every setting location in the setting location list in the corresponding domain is verified successfully, the corresponding verification success response to both the device connection module and the certificate receiving module, and transmitting the certificate download link to the device connection module.

The certificate management system for automated domain verification according to claim 1, wherein the server generation module generates the random value and the setting location list for each of the at least one certificate application request, the setting location list has at least one setting location, and every setting location in the setting location list is given the same random value.

The certificate management system for automated domain verification according to claim 1, wherein the server generation module generates the random value and the setting location list for each of the at least one certificate application request, the setting location list has at least one setting location, and each setting location in the setting location list is given a different random value.

The certificate management system for automated domain verification according to claim 1, wherein the server generation module generates the random value and the setting location list for each of the at least one certificate application request, the setting location list has at least one setting location, and the at least one setting location includes a designated path of the domain and a domain name system record (DNS record).

The certificate management system for automated domain verification according to claim 1, wherein the review module reviews the at least one certificate application request by reviewing the basic information, contact information, and payment information in the certificate application information.
TW110204538U 2021-04-23 2021-04-23 Certificate management system for automated domain verification TWM618092U (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
TW110204538U TWM618092U (en) 2021-04-23 2021-04-23 Certificate management system for automated domain verification

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
TW110204538U TWM618092U (en) 2021-04-23 2021-04-23 Certificate management system for automated domain verification

Publications (1)

Publication Number Publication Date
TWM618092U true TWM618092U (en) 2021-10-11

Family

ID=79603313

Family Applications (1)

Application Number Title Priority Date Filing Date
TW110204538U TWM618092U (en) 2021-04-23 2021-04-23 Certificate management system for automated domain verification

Country Status (1)

Country Link
TW (1) TWM618092U (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TWI775405B (en) * 2021-04-23 2022-08-21 臺灣網路認證股份有限公司 Credential management system for automatic network domain verification and method thereof
TWI831515B (en) * 2022-12-13 2024-02-01 臺灣網路認證股份有限公司 Automated credential application and domain verification system and method thereof
