CN115987527B - Certificate management method, account management system of network equipment and electronic equipment - Google Patents
Certificate management method, account management system of network equipment and electronic equipment Download PDFInfo
- Publication number
- CN115987527B CN115987527B CN202211700241.8A CN202211700241A CN115987527B CN 115987527 B CN115987527 B CN 115987527B CN 202211700241 A CN202211700241 A CN 202211700241A CN 115987527 B CN115987527 B CN 115987527B
- Authority
- CN
- China
- Prior art keywords
- proxy service
- certificate
- service
- network
- installation package
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000007726 management method Methods 0.000 title claims abstract description 139
- 238000009434 installation Methods 0.000 claims abstract description 94
- 238000000034 method Methods 0.000 claims abstract description 32
- 238000004891 communication Methods 0.000 claims abstract description 15
- 238000004590 computer program Methods 0.000 claims description 3
- 230000006870 function Effects 0.000 description 17
- 238000012986 modification Methods 0.000 description 7
- 230000004048 modification Effects 0.000 description 7
- 230000008569 process Effects 0.000 description 7
- 230000004075 alteration Effects 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 238000010276 construction Methods 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 238000012423 maintenance Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000008520 organization Effects 0.000 description 1
- 230000000007 visual effect Effects 0.000 description 1
Landscapes
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The application discloses a certificate management method and an account management system of network equipment, wherein the method comprises the following steps: acquiring a first certificate from a network side, wherein the first certificate is used for enabling a corresponding proxy service to execute a network connection function; generating an installation package of the proxy service based on the first certificate, wherein the installation package of the proxy service is used for installing the proxy service; the installation package of the proxy service is capable of being used by the proxy service device to perform the installation of the proxy service and to save the first certificate in the proxy service by connecting to the corresponding proxy service device via a network communication protocol. The method can uniformly manage the certificates through the account management system, and the account management system and the proxy service jointly complete the deployment of the proxy service certificates, so that the difficulty of user management of the certificates is reduced, and the stability of the account management system is improved.
Description
Technical Field
The present invention relates to the field of network device management, and in particular, to a certificate management method, an account management system of a network device, and an electronic device.
Background
For network devices (such as hosts, etc.), users (such as operation and maintenance personnel of the network devices, etc.) often need to log in through account passwords, and then manage the network devices, such as modifying configuration information thereof, etc. The privileged account management system is mainly used for managing accounts and corresponding login passwords, uniformly managing account passwords, encrypting the passwords by hardware, and improving safety when reducing the operation difficulty of users by only selecting the corresponding account to log in.
In order to enable remote management of network devices, even remote cross-regional management, through a privileged account management system, applicant has developed a privileged account management system that includes proxy services. For such a privileged account management system, it also relates to the management of proxy services. Proxy services are proxies for some hosts that access their corresponding hosts by connecting to the proxy service because the hosts do not have a public network IP address. Different hosts may be involved in different proxy services, which require certificates to ensure proper usage. Each proxy service needs to be concerned about the problem of certificate expiration and needs to maintain the proxy service certificate itself, so how to conveniently add the certificate is a problem to be solved.
Disclosure of Invention
The embodiment of the application aims to provide a certificate management method, an account management system of network equipment and electronic equipment.
The embodiment of the application provides a certificate management method, which comprises the following steps:
acquiring a first certificate from a network side, wherein the first certificate is used for enabling a corresponding proxy service to execute a network connection function;
generating an installation package of the proxy service based on the first certificate, wherein the installation package of the proxy service is used for installing the proxy service;
the installation package of the proxy service is capable of being used by the proxy service device to perform the installation of the proxy service and to save the first certificate in the proxy service by connecting to the corresponding proxy service device via a network communication protocol.
Optionally, the method further comprises:
and under the condition that the service life of the first certificate is smaller than the first time period, acquiring a second certificate from the network side, wherein the service life of the second certificate is later than the service life of the first certificate, and the proxy service equipment can be used for storing the second certificate in the proxy service and removing the first certificate from the proxy service.
Optionally, the method further comprises:
acquiring a certificate updating request from a network side;
replacing the first certificate with a third certificate based on the certificate updating request, wherein the third certificate is used for enabling the updated proxy service to execute a network connection function;
generating an updated installation package of the proxy service based on the third certificate;
the proxy service device can install the updated proxy service based on the updated installation package of the proxy service, so that the new proxy service device completes connection, and the third certificate is stored in the updated proxy service.
Optionally, the generating an installation package of the proxy service based on the first certificate includes:
combining the executable program of the proxy service and the first certificate to form an installation package of the proxy service;
and uploading the installation package of the proxy service to the proxy service device, wherein the proxy service device can start an executable program of the proxy service to store the first certificate.
Optionally, the method further comprises:
logging in the target network equipment through the corresponding proxy service based on a login request initiated by a network end and aiming at the target network equipment, wherein the proxy service is connected with the target equipment through a network link.
Optionally, the method further comprises:
acquiring certificates corresponding to each proxy service from a network side, wherein the number of the certificates is multiple;
and under the condition that the certificate needs to be updated or the proxy service needs to be added, updating the certificate corresponding to the proxy service or uploading a new certificate through the network side.
An object of an embodiment of the present application is to provide an account management system of a network device, including:
an overall management service and a proxy service;
the overall management service is configured to:
acquiring a first certificate from a network side, wherein the first certificate is used for enabling a corresponding proxy service to execute a network connection function;
generating an installation package of the proxy service based on the first certificate, wherein the installation package of the proxy service is used for installing the proxy service;
the installation package of the proxy service is capable of being used by the proxy service device to perform the installation of the proxy service and to save the first certificate in the proxy service by connecting to the corresponding proxy service device via a network communication protocol.
Optionally, the overall management service is further configured to:
and under the condition that the service life of the first certificate is smaller than the first time period, acquiring a second certificate from the network side, wherein the service life of the second certificate is later than the service life of the first certificate, and the proxy service equipment can be used for storing the second certificate in the proxy service and removing the first certificate from the proxy service.
An object of an embodiment of the present application is to provide an electronic device, including: and the account management system server is connected with the network terminal and is also connected with proxy service so as to connect corresponding network equipment through the proxy service.
An object of an embodiment of the present application is to provide a computer readable storage medium, characterized in that the computer readable storage medium has stored thereon a computer program which, when executed by a processor, performs the steps of the above method.
Compared with the prior art, the beneficial effects of the embodiment of the application are that: under the condition that the proxy service needs to be established, the account management system firstly acquires a first certificate from the network end, then generates an installation package of the proxy service based on the first certificate, and the account management system is connected to the proxy service equipment through a network communication protocol so that the proxy service equipment acquires the installation package of the proxy service, the proxy service equipment installs the proxy service by utilizing the installation package of the proxy service, and the first certificate is stored in the proxy service. After the proxy service is established, the account management system can establish network connection with the network device through the proxy service so that the user can remotely manage the network devices at different places. According to the method and the device for managing the certificates, the certificates are managed uniformly through the account management system, the user only needs to upload the certificates corresponding to the proxy service to the account management system, and then the account management system and the proxy service equipment are cooperated to complete deployment of the proxy service certificates, so that the difficulty of managing the certificates by the user is reduced, and the reliability and convenience of the account management system are improved. According to the method and the system, the certificate management function of the proxy service is uniformly managed through the account management system, the difficulty of certificate management is reduced, the manual certificate management of a user is replaced through an automatic step, the user needs to pay attention to whether the proxy service deploys the certificate or not, only needs to pay attention to the certificate in the account management system, and the new certificate is uploaded timely under the condition that the certificate is out of date, so that the network connection function of the proxy service is guaranteed, and the robustness of the account management system is further improved.
Drawings
FIG. 1 is a flow chart of a certificate management method according to an embodiment of the present application;
FIG. 2 is another flow chart of a certificate management method according to an embodiment of the present application;
FIG. 3 is a further flowchart of a certificate management method according to an embodiment of the present application;
FIG. 4 is a flow chart of one embodiment of step S200 of FIG. 1 according to an embodiment of the present application;
FIG. 5 is a flow chart of one embodiment of a certificate management method of an embodiment of the present application;
fig. 6 is a schematic diagram of a network deployment architecture according to an embodiment of the present application.
Detailed Description
Various aspects and features of the present application are described herein with reference to the accompanying drawings.
It should be understood that various modifications may be made to the embodiments of the application herein. Therefore, the above description should not be taken as limiting, but merely as exemplification of the embodiments. Other modifications within the scope and spirit of this application will occur to those skilled in the art.
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments of the application and, together with a general description of the application given above and the detailed description of the embodiments given below, serve to explain the principles of the application.
These and other characteristics of the present application will become apparent from the following description of a preferred form of embodiment, given as a non-limiting example, with reference to the accompanying drawings.
It is also to be understood that, although the present application has been described with reference to some specific examples, those skilled in the art can certainly realize many other equivalent forms of the present application.
The foregoing and other aspects, features, and advantages of the present application will become more apparent in light of the following detailed description when taken in conjunction with the accompanying drawings.
Specific embodiments of the present application will be described hereinafter with reference to the accompanying drawings; however, it is to be understood that the disclosed embodiments are merely exemplary of the application, which can be embodied in various forms. Well-known and/or repeated functions and constructions are not described in detail to avoid obscuring the application with unnecessary or excessive detail. Therefore, specific structural and functional details disclosed herein are not intended to be limiting, but merely serve as a basis for the claims and as a representative basis for teaching one skilled in the art to variously employ the present application in virtually any appropriately detailed structure.
The specification may use the word "in one embodiment," "in another embodiment," "in yet another embodiment," or "in other embodiments," which may each refer to one or more of the same or different embodiments as per the application.
An embodiment of the present application provides a certificate management method, as shown in fig. 1, fig. 5 and fig. 6, including:
s100, acquiring a first certificate from a network side;
in this embodiment, the network end/client of the account management system provides an interface for visual operations, so that an administrator manages the network device account passwords of the company, the user, and the corresponding proxy service. A user may log in to a network device that the user wishes to access through an account management system. A proxy service is a service that is intermediate between the account management system server and the network device. The account management system can integrate a plurality of proxy services to manage network devices in different cities, the proxy services support distributed deployment, the account management system server is connected to corresponding network devices through the proxy services, such as a cloud server, local servers in other cities, a remote desktop and the like, the network devices are cloud and local servers, databases, redis databases and the like, and account passwords of the devices are given to the account management system to be managed uniformly. In this embodiment, the account management system server first obtains a first certificate from the network end, where the first certificate is used to enable the corresponding proxy service to execute the network connection function. Specifically, the account management system needs to establish a corresponding proxy service before establishing a connection with the network device, and establishes a network connection with the network device through the proxy service. In the process of establishing the proxy service, the account management system server firstly acquires a first certificate from the network end, the first certificate is applied by a related certificate application organization, the first certificate has the function of enabling the proxy service to work normally, and particularly, the first certificate is used for enabling the corresponding proxy service to execute a network connection function. The proxy service performs a network connection function, that is, the account management system server is connected to N (N is greater than or equal to 1) network devices through a proxy service network, where at least one network device is not configured with a public network IP address, that is, at least one network device is in a local area network. Through the account management system, the user can remotely manage the network devices.
S200, generating an installation package of the proxy service based on the first certificate;
in this embodiment, after the account management system server obtains the first certificate from the network side, the account management system server generates a corresponding installation package of the proxy service based on the first certificate, where the installation package of the proxy service is used for installing the proxy service. In this embodiment, the proxy service is an ELF file, the ELF file may be directly run under Linux, and the process of generating the installation package of the proxy service is a process of compressing the ELF file and the first certificate in a folder. The account management system server acquires a first certificate from the network side, and generates an installation package of the corresponding proxy service based on the first certificate, wherein the installation package contains the first certificate required by the proxy service. After generating an installation package for installation of the proxy service, subsequent installation of the proxy service may be performed using the installation package to establish a corresponding proxy service. The proxy service can be installed at different places, a user can uniformly manage certificates of the proxy service through the account management system according to the needs, and the user can upload the certificates corresponding to the proxy service to the account management system to generate an installation package corresponding to the proxy service so as to complete the installation of the proxy service.
S300, connecting to a corresponding proxy service device through a network communication protocol, wherein the installation package of the proxy service can be used by the proxy service device to install the proxy service, and saving the first certificate in the proxy service.
In this embodiment, after the account management system generates the installation package of the corresponding proxy service based on the first certificate, the account management system server connects to the corresponding proxy service device through the network communication protocol to perform the installation of the corresponding proxy service. Specifically, after the account management system server is connected with the corresponding proxy service device, the proxy service device may obtain an installation package of the proxy service from the account management system, where the installation package of the proxy service may be used by the proxy service device to perform installation of the proxy service. Under the condition that a new proxy service needs to be created, the network side firstly requests the account management system to acquire an installation package of the proxy service, then the account management system is connected to the proxy service equipment through a network communication protocol SSH, so that the proxy service equipment acquires the installation package of the proxy service, the proxy service equipment installs the proxy service by utilizing the installation package of the proxy service, stores the first certificate in the proxy service, and places the first certificate at a specified position, specifically, the proxy service needs to check whether the first certificate is available or not every time the proxy service is started, and the position checked by the proxy service is the position where the first certificate is placed.
According to the certificate management method, under the condition that proxy service needs to be established, an account management system server firstly acquires a first certificate from a network end, then generates an installation package of the proxy service based on the first certificate, the account management system server is connected to proxy service equipment through a network communication protocol so that the proxy service equipment acquires the installation package of the proxy service, the proxy service equipment installs the proxy service by utilizing the installation package of the proxy service, and the first certificate is stored in the proxy service. After the proxy service is established, the account management system server can establish network connection with the network device through the proxy service so that the user can remotely manage the network devices at different places. Specifically, the user can set the proxy service in different places through the method, and meanwhile, the proxy service is added to the account management system for unified management. The account passwords of the network devices at different places are added to the account management system, and the accounts of the network devices can be managed through the account management system. When the network equipment is managed, only the login operation is needed to be performed on the account management system, the account management system server can send a request to the corresponding proxy service, after the proxy service receives the request, a network communication protocol link channel is established for the account management system server, and command transmission can be performed through the network communication protocol link channel. In the process of establishing the proxy service, the user only needs to upload the certificate corresponding to the proxy service to the account management system through the unified management of the account management system, and then the account management system server and the proxy service equipment cooperate to complete the deployment of the proxy service certificate, so that the difficulty of managing the certificate by the user is reduced, and the reliability of the account management system is improved.
In one embodiment of the present application, as shown in fig. 2, 5 and 6, the method further includes:
s400, acquiring a second certificate from the network side under the condition that the service life of the first certificate is smaller than the first time period.
In this embodiment, the account management system obtains the second certificate from the network side when the lifetime of the first certificate is less than a first period, where the first period is the expected valid lifetime of the certificate of the proxy service. For example, the validity lifetime of the first certificate is one year, and the expected validity lifetime of the certificate of the proxy service is greater than one year, that is, when the validity period of the first certificate with respect to the corresponding proxy service does not satisfy the validity period of the proxy service, the account management system needs to acquire a second certificate that functions the same as the first certificate to maintain the use of the proxy service. The service life of the second certificate is later than that of the first certificate, that is, the account management system acquires the second certificate from the network side after the first certificate is invalid or in the condition that the first certificate is about to be invalid. After the account management system obtains the second certificate, the proxy service device obtains the second certificate from the account management system server, and the proxy service device can be used for storing the second certificate in the proxy service, so that the proxy service can maintain the network connection function based on the second certificate, and meanwhile, the proxy service device removes the expired first certificate from the proxy service.
In one embodiment of the present application, as shown in fig. 3, 5 and 6, the method further includes:
s500, acquiring a certificate updating request from a network side;
in this embodiment, in the case where a new proxy service needs to be established, the account management system server first obtains a certificate update request from the network end, so as to establish the new proxy service through the new certificate. Since the installation package needs to be generated first for establishing a new proxy service, the operation of the account management system server to acquire the certificate update request provides conditions for the subsequent generation of the installation package of the new proxy service.
S600, replacing the first certificate with a third certificate based on the certificate updating request;
in this embodiment, after the account management system server obtains the certificate update request from the network side, the account management system server may replace the first certificate with a third certificate based on the certificate update request, and since the establishment of the previous proxy service is already completed, the first certificate corresponding to the established proxy service stored in the account management system may be removed, where, since a new proxy service needs to be established, the account management system server may replace the first certificate with a certificate corresponding to the new proxy service, that is, the third certificate, based on the certificate update request, so as to complete the establishment of the new proxy service, where the third certificate is used to enable the updated proxy service to perform the network connection function. Specifically, the newly-built proxy service may perform a network connection function, and a user may remotely manage network devices corresponding to the newly-built proxy service through an account management system network end, a server, and the newly-built proxy service.
S700, generating an updated proxy service installation package based on the third certificate;
in this embodiment, after the account management system obtains the third certificate from the network side, the account management system generates an updated installation package of the proxy service based on the third certificate, where the installation package includes the third certificate required by the updated proxy service, where the proxy service device can install the updated proxy service based on the updated installation package of the proxy service, so that a new proxy service device completes connection, and stores the third certificate in the updated proxy service. After generating the installation package of the updated proxy service, the installation package may be used to install the newly established proxy service to establish the updated proxy service. The updated proxy service can be installed at a newly added place, a user can manage the certificate of the updated proxy service through the account management system, and the user can upload the certificate corresponding to the updated proxy service to the account management system to generate an installation package of the updated proxy service so as to complete the installation of the updated proxy service.
In one embodiment of the present application, as shown in fig. 4, 5 and 6, the generating, based on the first certificate, an installation package of the proxy service includes:
s201, merging the executable program of the proxy service and the first certificate to form an installation package of the proxy service;
in this embodiment, after the first certificate is obtained, the account management system server generates an installation package of the corresponding proxy service based on the first certificate, specifically, the account management system server 5 merges the executable program of the proxy service and the first certificate to form an installation package of the proxy service, this process packages the executable program of the proxy service and the first certificate together into one file, that is, an installation package of the proxy service, and after the installation package for the installation of the proxy service is generated, the installation package can be used to perform subsequent installation of the proxy service to establish the corresponding proxy service.
S202, uploading the installation package of the proxy service to the proxy service equipment.
In this embodiment, after the account management system server merges the executable program of the proxy service and the first certificate to form an installation package of the proxy service, the account management system server uploads the installation package of the proxy service to a corresponding proxy service device, where the proxy service device can start the executable program of the proxy service to save the first certificate. Specifically, in the process of establishing the proxy service, the proxy service device completes the installation of the proxy service 5 by using the installation package of the proxy service, and at the same time, the proxy service device may also start the executable program of the proxy service to save the first certificate, that is, put the first certificate in a specified location.
In one embodiment of the present application, as shown in fig. 5 and 6, the method further includes:
logging in the target network equipment through the corresponding proxy service based on a login request initiated by a network end aiming at the target network equipment, wherein the proxy service is connected with the target equipment through a network link 0.
In this embodiment, after the proxy service is established, the proxy service and the account management system server are connected through a network communication protocol, and the account management system server is connected to a target network device through a proxy service network, specifically, the account management system server receives a login request of the target network device, and then the account management system server logs in the target network device through a corresponding proxy service based on a login request for the target 5 network device initiated by a network end/client, where the proxy service and the target device are connected through a network link. For example, the proxy service and the target device may be connected through a network communication protocol, and after the proxy service establishes a connection with the target device, the user may manage the network device remotely through the account management system network/client, the server and the proxy service.
0 in one embodiment of the present application, as shown in fig. 5 and 6, the method further includes:
acquiring certificates corresponding to each proxy service from a network side, wherein the number of the certificates is multiple;
in this embodiment, since the proxy service may be disposed at different locations, the account management system may remotely manage network devices at different locations using the proxy service at different locations. In the process of establishing proxy services, the account management system can acquire certificates corresponding to each proxy service from a network end, and the account management system can establish the proxy services in different places based on the certificates corresponding to each proxy service, wherein the number of the certificates is multiple, and each certificate corresponds to the proxy service in different places and is uniformly managed by the account management system.
And under the condition that the certificate needs to be updated or the proxy service needs to be added, updating the certificate corresponding to the proxy service or uploading a new certificate through the network side.
In this embodiment, after the proxy service is established, when the certificate of the proxy service needs to be updated, the account management system needs to update the certificate corresponding to the proxy service, for example, the account management system server may obtain another certificate with the same role as the certificate after the failure from the network side. After the account management system server acquires the new certificate, the proxy service device acquires the certificate from the account management system server, and the proxy service device stores the certificate in the corresponding proxy service so that the proxy service can maintain the network connection function based on the new certificate, and meanwhile, the proxy service device removes the expired certificate from the proxy service. In the case that the proxy service needs to be added, that is, in the case that a new proxy service needs to be established, the account management system server obtains a certificate of the proxy service from the network end, then generates an installation package of the new proxy service based on the certificate, the proxy service device installs the new proxy service based on the installation package of the new proxy service, so that the new proxy service device completes the connection with the target network device, the new proxy service can be installed at a new adding place, and the user can manage the network device which is connected with the newly added proxy service through the account management system.
The embodiment of the application also provides an account management system based on the same inventive concept, as shown in fig. 6, including:
an overall management service and a proxy service;
the overall management service is configured to:
acquiring a first certificate from a network side, wherein the first certificate is used for enabling a corresponding proxy service to execute a network connection function;
generating an installation package of the proxy service based on the first certificate, wherein the installation package of the proxy service is used for installing the proxy service;
the installation package of the proxy service is capable of being used by the proxy service device to perform the installation of the proxy service and to save the first certificate in the proxy service by connecting to the corresponding proxy service device via a network communication protocol.
The overall management service may be, for example, a software program running on the account management system server described above.
In one embodiment of the present application, the overall management service is further configured to:
and under the condition that the service life of the first certificate is smaller than the first time period, acquiring a second certificate from the network side, wherein the service life of the second certificate is later than the service life of the first certificate, and the proxy service equipment can be used for storing the second certificate in the proxy service and removing the first certificate from the proxy service.
In one embodiment of the present application, the overall management service is further configured to:
acquiring a certificate updating request from a network side;
replacing the first certificate with a third certificate based on the certificate updating request, wherein the third certificate is used for enabling the updated proxy service to execute a network connection function;
generating an updated installation package of the proxy service based on the third certificate;
the proxy service device can install the updated proxy service based on the updated installation package of the proxy service, so that the new proxy service device completes connection, and the third certificate is stored in the updated proxy service.
In one embodiment of the present application, the overall management service is further configured to:
combining the executable program of the proxy service and the first certificate to form an installation package of the proxy service;
and uploading the installation package of the proxy service to the proxy service device, wherein the proxy service device can start an executable program of the proxy service to store the first certificate.
In one embodiment of the present application, the overall management service is further configured to:
logging in the target network equipment through the corresponding proxy service based on a login request initiated by a network end and aiming at the target network equipment, wherein the proxy service is connected with the target equipment through a network link.
In one embodiment of the present application, the overall management service is further configured to:
acquiring certificates corresponding to each proxy service from a network side, wherein the number of the certificates is multiple;
and under the condition that the certificate needs to be updated or the proxy service needs to be added, updating the certificate corresponding to the proxy service or uploading a new certificate through the network side.
The embodiment of the application also provides an electronic device based on the same inventive concept, as shown in fig. 6, including:
and the account management system server is connected with the network terminal and is also connected with proxy service so as to connect corresponding network equipment through the proxy service.
Embodiments of the present application also provide a computer-readable storage medium having a computer program stored thereon, which, when executed by a processor, performs the steps of the above-described method.
Alternatively, in the present embodiment, the storage medium may include, but is not limited to: a U-disk, a Read-only Memory (ROM), a random access Memory (RAM, randomAccess Memory), a removable hard disk, a magnetic disk, or an optical disk, or other various media capable of storing program codes. Alternatively, specific examples in this embodiment may refer to examples described in the foregoing embodiments and optional implementations, and this embodiment is not described herein. It will be appreciated by those skilled in the art that the steps of the application described above may be implemented in a general purpose computing device, they may be concentrated on a single computing device, or distributed across a network of computing devices, they may alternatively be implemented in program code executable by computing devices, so that they may be stored in a storage device for execution by computing devices, and in some cases, the steps shown or described may be performed in a different order than herein, or they may be separately fabricated into individual integrated circuit modules, or multiple modules or steps within them may be fabricated into a single integrated circuit module. Thus, the present application is not limited to any specific combination of hardware and software.
While preferred embodiments of the present application have been described, additional variations and modifications in those embodiments may occur to those skilled in the art once they learn of the basic inventive concepts. It is therefore intended that the following claims be interpreted as including the preferred embodiments and all such alterations and modifications as fall within the scope of the application.
It will be apparent to those skilled in the art that various modifications and variations can be made in the present application without departing from the spirit or scope of the application. Thus, if such modifications and variations of the present application fall within the scope of the claims and the equivalents thereof, the present application is intended to cover such modifications and variations.
Claims (9)
1. A certificate management method, applied to a total management service, comprising:
acquiring a first certificate from a network side, wherein the first certificate is used for enabling a corresponding proxy service to execute a network connection function with network equipment;
generating an installation package of the proxy service based on the first certificate, wherein the installation package of the proxy service is used for installing the proxy service;
the installation package of the proxy service is connected to a corresponding proxy service device through a network communication protocol, can be used by the proxy service device for installing the proxy service, and stores the first certificate in the proxy service; the proxy service equipment is used for installing proxy service by utilizing the installation package of the proxy service;
the generating an installation package of the proxy service based on the first certificate includes:
combining the executable program of the proxy service and the first certificate to form an installation package of the proxy service;
uploading an installation package of the proxy service to the proxy service device, wherein the proxy service device is capable of starting an executable program of the proxy service to save the first certificate;
wherein a plurality of proxy service supports established based on respective corresponding certificates are established at different sites.
2. The method of claim 1, wherein the method further comprises:
and under the condition that the service life of the first certificate is smaller than the first time period, acquiring a second certificate from the network side, wherein the service life of the second certificate is later than the service life of the first certificate, and the proxy service equipment is further used for storing the second certificate in the proxy service and removing the first certificate from the proxy service.
3. The method of claim 1, wherein the method further comprises:
acquiring a certificate updating request from a network side;
replacing the first certificate with a third certificate based on the certificate updating request, wherein the third certificate is used for enabling the updated proxy service to execute a network connection function;
generating an updated installation package of the proxy service based on the third certificate;
the proxy service device can install the updated proxy service based on the updated installation package of the proxy service, so that the new proxy service device completes connection, and the third certificate is stored in the updated proxy service.
4. The method of claim 1, wherein the method further comprises:
logging in the target network equipment through the corresponding proxy service based on a login request initiated by a network end and aiming at the target network equipment, wherein the proxy service is connected with the target network equipment through a network link.
5. The method of claim 1, wherein the method further comprises:
acquiring certificates corresponding to each proxy service from a network side;
and under the condition that the certificate needs to be updated or the proxy service needs to be added, updating the certificate corresponding to the proxy service or uploading a new certificate through the network side.
6. An account management system for a network device, comprising:
an overall management service, and a proxy service, wherein a plurality of proxy service supports established based on respective corresponding certificates are established at different sites;
the overall management service is configured to:
acquiring a first certificate from a network side, wherein the first certificate is used for enabling a corresponding proxy service to execute a network connection function with network equipment;
generating an installation package of the proxy service based on the first certificate, wherein the installation package of the proxy service is used for installing the proxy service;
the installation package of the proxy service is connected to a corresponding proxy service device through a network communication protocol, can be used by the proxy service device for installing the proxy service, and stores the first certificate in the proxy service; the proxy service equipment is used for installing proxy service by utilizing the installation package of the proxy service;
the generating an installation package of the proxy service based on the first certificate includes:
combining the executable program of the proxy service and the first certificate to form an installation package of the proxy service;
and uploading the installation package of the proxy service to the proxy service device, wherein the proxy service device can start an executable program of the proxy service to store the first certificate.
7. The system of claim 6, wherein,
the overall management service is further configured to:
and under the condition that the service life of the first certificate is smaller than the first time period, acquiring a second certificate from the network side, wherein the service life of the second certificate is later than the service life of the first certificate, and the proxy service equipment is further used for storing the second certificate in the proxy service and removing the first certificate from the proxy service.
8. An electronic device, comprising: an account management system server, wherein the account management system server is connected with a network end, and is further connected with a proxy service to connect corresponding network equipment through the proxy service, and the account management system server is used for implementing the method of any one of claims 1 to 5.
9. A computer-readable storage medium, characterized in that it has stored thereon a computer program which, when executed by a processor, performs the steps of the method according to any of claims 1 to 5.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211700241.8A CN115987527B (en) | 2022-12-28 | 2022-12-28 | Certificate management method, account management system of network equipment and electronic equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211700241.8A CN115987527B (en) | 2022-12-28 | 2022-12-28 | Certificate management method, account management system of network equipment and electronic equipment |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN115987527A CN115987527A (en) | 2023-04-18 |
| CN115987527B true CN115987527B (en) | 2024-04-12 |
Family
ID=85964464
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202211700241.8A Active CN115987527B (en) | 2022-12-28 | 2022-12-28 | Certificate management method, account management system of network equipment and electronic equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115987527B (en) |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106953859A (en) * | 2017-03-17 | 2017-07-14 | 郑州云海信息技术有限公司 | A SSL protocol configuration method for WebLogic cluster |
| CN113721931A (en) * | 2021-11-02 | 2021-11-30 | 苏州万店掌软件技术有限公司 | Automatic service deployment method, system and computer readable storage medium |
| CN114157432A (en) * | 2021-11-25 | 2022-03-08 | 上海派拉软件股份有限公司 | Digital certificate acquisition method, device, electronic equipment, system and storage medium |
| CN115002203A (en) * | 2021-03-02 | 2022-09-02 | 京东科技信息技术有限公司 | Data packet capturing method, device, equipment and computer readable medium |
Family Cites Families (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20050074124A1 (en) * | 2003-08-15 | 2005-04-07 | Imcentric, Inc. | Management of SSL/TLS certificates |
| US10841280B2 (en) * | 2018-03-16 | 2020-11-17 | Lightspeed Systems, Inc. | User device-based enterprise web filtering |
-
2022
- 2022-12-28 CN CN202211700241.8A patent/CN115987527B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106953859A (en) * | 2017-03-17 | 2017-07-14 | 郑州云海信息技术有限公司 | A SSL protocol configuration method for WebLogic cluster |
| CN115002203A (en) * | 2021-03-02 | 2022-09-02 | 京东科技信息技术有限公司 | Data packet capturing method, device, equipment and computer readable medium |
| CN113721931A (en) * | 2021-11-02 | 2021-11-30 | 苏州万店掌软件技术有限公司 | Automatic service deployment method, system and computer readable storage medium |
| CN114157432A (en) * | 2021-11-25 | 2022-03-08 | 上海派拉软件股份有限公司 | Digital certificate acquisition method, device, electronic equipment, system and storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN115987527A (en) | 2023-04-18 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US9485134B2 (en) | Managing configurations of system management agents in a distributed environment | |
| US20220029830A1 (en) | Acme centralized management system and load balancing method thereof | |
| CN108055157B (en) | Service node acquisition method and device | |
| CN112612629A (en) | Method and system for realizing component type data interface | |
| US8346886B2 (en) | System, method, and medium for configuring client computers to operate disconnected from a server computer while using a master instance of the operating system | |
| CN1407441A (en) | System and method for automatic management computer service and programmable device | |
| CN101217368A (en) | A network logging on system and the corresponding configuration method and methods for logging on the application system | |
| CN109522042A (en) | A kind of patch update method, system and associated component | |
| CN101420325A (en) | Automatic deployment method, apparatus and system for software package | |
| CN102075339A (en) | VPN management platform, and implementation method and system for VPN service | |
| CN114036236B (en) | Multi-gateway cluster system | |
| WO2012151993A1 (en) | Service pushing method and device | |
| CN115150162B (en) | Root certificate updating method and device | |
| CN102164122A (en) | Mediation apparatus, installation system, installation method, and installation program | |
| CN111104133A (en) | Configuration parameter updating system, method and storage medium | |
| CN113824790B (en) | Cloud native PaaS management platform supporting enterprise-level application | |
| CN101465758A (en) | Method for managing equipment, system and network management server | |
| EP1872256B1 (en) | System and method of waste management | |
| US9690913B2 (en) | License management in a networked software application solution | |
| CN115987527B (en) | Certificate management method, account management system of network equipment and electronic equipment | |
| KR20160025282A (en) | System and method for providing client terminal to user customized synchronization service | |
| CN110750369B (en) | A distributed node management method and system | |
| CN116614323B (en) | Cloud storage enterprise network management method and system based on Rclone | |
| CA3224363A1 (en) | System and method for performing tenant provisioning | |
| US20030154472A1 (en) | Installation server |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |