CPC H04L 9/3268 (2013.01) [H04L 9/085 (2013.01); H04L 9/0825 (2013.01); H04L 9/14 (2013.01); H04L 9/3247 (2013.01); H04L 61/4511 (2022.05)]
15 Claims
1. A computer-implemented method for providing, by a server, a first digital certificate to a device, the computer-implemented method comprising:
receiving authentication data from the device via a secure communication channel;
receiving a first certificate identifier from the device, or determining the first certificate identifier via the server, the first certificate identifier being a hash value or a random value;
verifying the authentication data;
receiving a public key from the device, the first public key being created by the device;
sending a first certificate signing request to a certificate authority, the first certificate signing request being related to a first domain name based on the first public key, and the first domain name including the first certificate identifier;
receiving the first digital certificate from the certificate authority, the first digital certificate being signed by the certificate authority, and the first digital certificate being a first wildcard certificate based on the first domain name of the first digital certificate and the first public key of the first digital certificate; and
providing the first digital certificate to the device; wherein
a domain related to the first domain name is controlled by the server, and
the first certificate identifier is a label of the first domain name, the label of the first domain being different from a last label of the first domain name.
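The naming constraint in the claim, sketched as an added example that is not taken from the patent: the server derives a certificate identifier (hash or random value), places it as a non-final label under a zone it controls, and checks the resulting wildcard name before a signing request would go to the certificate authority. The zone `devices.example`, the choice to hash the device's public key, and the `*.<identifier>.<zone>` layout are assumptions made for illustration.

```python
import hashlib
import re
import secrets

SERVER_ZONE = "devices.example"  # assumption: constructed zone controlled by the server
LABEL_RE = re.compile(r"(?!-)[a-z0-9-]{1,63}(?<!-)")  # one lowercase DNS label


def random_identifier(nbytes: int = 16) -> str:
    """Certificate identifier as a random value (hex is a valid DNS label)."""
    return secrets.token_hex(nbytes)


def hashed_identifier(public_key_der: bytes) -> str:
    """Certificate identifier as a hash value. Hashing the device's public
    key is an assumption; the claim only says 'a hash value'."""
    # 32 hex characters (128 bits) stay well under the 63-octet label limit.
    return hashlib.sha256(public_key_der).hexdigest()[:32]


def wildcard_name(identifier: str, zone: str = SERVER_ZONE) -> str:
    """Build the domain name the signing request would be related to."""
    if not LABEL_RE.fullmatch(identifier):
        raise ValueError("identifier is not a valid DNS label")
    return f"*.{identifier}.{zone}"


def check_request_name(name: str, identifier: str, zone: str = SERVER_ZONE) -> bool:
    """Server-side check of a requested name against the claim's constraints."""
    labels = name.lower().rstrip(".").split(".")
    zone_labels = zone.lower().split(".")
    # Expect exactly: wildcard label, identifier label, then the server's zone.
    if len(name) > 253 or len(labels) != len(zone_labels) + 2:
        return False
    if labels[0] != "*":
        return False
    # The name must sit under the domain the server controls.
    if labels[-len(zone_labels):] != zone_labels:
        return False
    # The identifier is index 1 of at least three labels, so it is a single
    # label and can never be the last label of the name.
    return labels[1] == identifier and LABEL_RE.fullmatch(labels[1]) is not None
```
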