US 12,149,639 B2
Securely rotating a server certificate
Jeromy Scott Statia, Arlington, WA (US); Chunsheng Yang, Bellevue, WA (US); Priyanka Vilas Deo, Redmond, WA (US); Elizabeth Anne Phippen, Bothell, WA (US); and Bradley Scott Turner, Sammamish, WA (US)
Assigned to Microsoft Technology Licensing, LLC, Redmond, WA (US)
Filed by Microsoft Technology Licensing, LLC, Redmond, WA (US)
Filed on Mar. 3, 2023, as Appl. No. 18/178,349.
Application 18/178,349 is a continuation of application No. 16/736,758, filed on Jan. 7, 2020, granted, now 11,601,289.
Prior Publication US 2023/0208655 A1, Jun. 29, 2023
This patent is subject to a terminal disclaimer.
Int. Cl. H04L 9/32 (2006.01); H04L 9/40 (2022.01); H04L 67/51 (2022.01)
CPC H04L 9/3268 (2013.01) [H04L 9/3265 (2013.01); H04L 63/08 (2013.01); H04L 67/51 (2022.05)]
20 Claims

1. A method performed by a discovery endpoint on a computing device, the method comprising:
providing, from the discovery endpoint to a client, an initial client list of one or more server certificates associated with verifying an identity of a server instance;
generating, at the discovery endpoint, a current list of server certificates based on the initial client list and a new server certificate received from the server instance, the new server certificate being a server certificate currently in use by the server instance;
receiving, at the discovery endpoint from the client, a request for the current list of server certificates associated with verifying the identity of the server instance; and
providing, from the discovery endpoint to the client responsive to the request for the current list, a data object including the current list of server certificates, the data object being cryptographically signed by a server certificate from the one or more server certificates of the initial client list.
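
The flow recited in claim 1, sketched from both sides as an added example (not code from the patent or its assignee). Ed25519 key pairs stand in for server certificates, and the names `buildSignedList` and `acceptList`, the JSON layout of the data object, and the client-side check are assumptions; the claim itself recites only the endpoint's steps.

```javascript
// Added illustration: Ed25519 key pairs stand in for server certificates (assumption).
const crypto = require("node:crypto");

// Helpers for constructed sample "certificates".
const makeCert = () => crypto.generateKeyPairSync("ed25519");
const publicPem = (cert) => cert.publicKey.export({ type: "spki", format: "pem" });
const fingerprint = (cert) =>
  crypto.createHash("sha256").update(cert.publicKey.export({ type: "spki", format: "der" })).digest("hex");

// Discovery endpoint: current list = initial client list + the new certificate,
// wrapped in a data object signed by a certificate from the initial list.
function buildSignedList(initialCerts, newCert, signer) {
  const list = [...initialCerts, newCert].map((c) => ({ fp: fingerprint(c), pem: publicPem(c) }));
  const payload = JSON.stringify({ certificates: list });
  const signature = crypto.sign(null, Buffer.from(payload), signer.privateKey).toString("base64");
  return { payload, signerFp: fingerprint(signer), signature };
}

// Client (assumed consumer): adopt the current list only when the signer is
// already in the client's trusted list and the signature covers the payload.
function acceptList(trusted, obj) {
  const pem = trusted.get(obj.signerFp);
  if (!pem) return null; // signer is not in the initial list
  const ok = crypto.verify(null, Buffer.from(obj.payload), pem, Buffer.from(obj.signature, "base64"));
  if (!ok) return null; // payload or signature was altered
  return new Map(JSON.parse(obj.payload).certificates.map((c) => [c.fp, c.pem]));
}

// Constructed scenario: one rotation, plus two objects the client must refuse.
function demo() {
  const oldCert = makeCert();
  const newCert = makeCert();
  const trusted = new Map([[fingerprint(oldCert), publicPem(oldCert)]]);
  const good = buildSignedList([oldCert], newCert, oldCert);
  const signedByNew = buildSignedList([oldCert], newCert, newCert); // signer not yet trusted
  const tampered = { ...good, payload: good.payload.replace(fingerprint(newCert), "0".repeat(64)) };
  const updated = acceptList(trusted, good);
  return {
    acceptedNew: updated !== null && updated.has(fingerprint(newCert)),
    signedByNewRejected: acceptList(trusted, signedByNew) === null,
    tamperedRejected: acceptList(trusted, tampered) === null,
  };
}
```

In this sketch the new certificate becomes trusted only because a certificate the client already held vouched for the list that contains it.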