	US 11,943,376 B1
	Template based credential provisioning
Massimiliano Pala, Longmont, CO (US)
Assigned to CABLE TELEVISION LABORATORIES, INC., Louisville, CO (US)
Filed by CABLE TELEVISION LABORATORIES, INC., Louisville, CO (US)
Filed on Nov. 15, 2021, as Appl. No. 17/527,029.
Application 17/527,029 is a continuation of application No. 16/271,659, filed on Feb. 8, 2019, granted, now 11,177,967.
Claims priority of provisional application 62/671,227, filed on May 14, 2018.
Claims priority of provisional application 62/628,249, filed on Feb. 8, 2018.
This patent is subject to a terminal disclaimer.
Int. Cl. H04L 9/32 (2006.01); H04L 41/0803 (2022.01); H04L 67/01 (2022.01); H04L 9/00 (2022.01)

CPC H04L 9/3268 (2013.01) [H04L 9/3242 (2013.01); H04L 9/3247 (2013.01); H04L 9/3263 (2013.01); H04L 41/0803 (2013.01); H04L 67/01 (2022.05); H04L 9/3265 (2013.01); H04L 9/50 (2022.05)]

15 Claims

1. A certificate provisioning method, comprising:

receiving, within a provisioning server and from a client device, a request message including a client identifier and a trust anchor list defining a current configuration of credentials installed on the client device;

retrieving a client target configuration from a configuration database based upon the client identifier;

comparing each installed credential identifier of the trust anchor list with credentials defined within the client target configuration;

generating, when the comparison indicates differences, at least one action item for provisioning the client device, wherein the generated at least one action item, when implemented at the client device, removes ones of the installed credential identifiers not matching the credentials defined within the client target configuration and installs ones of the credentials defined within the client target configuration not matching any installed credential identifier;

generating a response message including a first action item of the at least one action item; and

sending the response message to the client device.