US 11,843,635 B2
Provisioning encrypted domain name service and secure value-added service with certificates at a customer premise equipment in a broadband satellite system
Chi-Jiun Su, Rockville, MD (US)
Assigned to HUGHES NETWORK SYSTEMS LLC, Germantown, MD (US)
Filed by HUGHES NETWORK SYSTEMS LLC, Germantown, MD (US)
Filed on Dec. 16, 2021, as Appl. No. 17/552,785.
Claims priority of provisional application 63/255,046, filed on Oct. 13, 2021.
Prior Publication US 2023/0115859 A1, Apr. 13, 2023
Int. Cl. H04L 29/06 (2006.01); H04L 9/40 (2022.01); H04L 9/32 (2006.01)
CPC H04L 63/166 (2013.01) [H04L 9/3268 (2013.01); H04L 63/0485 (2013.01); G06Q 2220/00 (2013.01)] 7 Claims
OG exemplary drawing
 
1. A method of communicating over a communication system comprising:
obtaining from a certificate authority (CA) a CA signed certificate at a certificate server;
distributing via a satellite the CA signed certificate to at least one customer premise equipment (CPE) terminal at a customer premise that provides internet services to a client device; and
provisioning workflow at the CPE terminal by:
receiving the CA signed certificate and installing it in a secure place in the CPE terminal;
setting up new encrypted Domain Name Server (DNS) services using proper fully qualified domain name (FQDN) corresponding to the CA signed certificate;
setting up secure value-added services using proper FQDN corresponding to the CA signed certificate;
configuring local split-DNS setup for FQDNs of encrypted DNS and secure web services;
configuring encrypted DNS discovery protocol to use the encrypted DNS services at the CPE terminal; and
invoking value-added services at a client device via standard protocol.