CPC H04L 9/3268 (2013.01) [H04L 9/3242 (2013.01); H04L 9/3247 (2013.01); H04L 9/3263 (2013.01); H04L 41/0803 (2013.01); H04L 67/01 (2022.05); H04L 9/3265 (2013.01); H04L 9/50 (2022.05)] | 15 Claims |
1. A certificate provisioning method, comprising:
receiving, within a provisioning server and from a client device, a request message including a client identifier and a trust anchor list defining a current configuration of credentials installed on the client device;
retrieving a client target configuration from a configuration database based upon the client identifier;
comparing each installed credential identifier of the trust anchor list with credentials defined within the client target configuration;
generating, when the comparison indicates differences, at least one action item for provisioning the client device, wherein the generated at least one action item, when implemented at the client device, removes ones of the installed credential identifiers not matching the credentials defined within the client target configuration and installs ones of the credentials defined within the client target configuration not matching any installed credential identifier;
generating a response message including a first action item of the at least one action item; and
sending the response message to the client device.
|