| 发明名称 |
Splitting an SSL Connection Between Gateways |
| 摘要 |
A system for secure communication, including a first security computer communicatively coupled with a client computer via an SSL connection, including a certificate creator, for receiving certificate attributes of a server computer certificate and for creating a signed certificate therefrom, and an SSL connector, for performing an SSL handshake with the client computer using the signed certificate created by said certificate creator, and a second security computer communicatively coupled with a server computer via an SSL connection, and communicatively coupled with the first security computer via a non-SSL connection, including an SSL connector, for performing an SSL handshake with the server computer using a signed certificate provided by the server computer, and a protocol appender, for appending attributes of the signed certificate provided by the server computer within a message communicated to the first security computer. A method is also described and claimed. |
| 申请公布号 |
US2017099261(A1) |
申请公布日期 |
2017.04.06 |
| 申请号 |
US201615383641 |
申请日期 |
2016.12.19 |
| 申请人 |
Finjan, Inc. |
发明人 |
Ben-Itzhak Yuval;Lang Shay;Rubinstein Dmitry |
| 分类号 |
H04L29/06 |
主分类号 |
H04L29/06 |
| 代理机构 |
|
代理人 |
|
| 主权项 |
1. A method for secure communication, comprising:
forwarding, from a first security computer to a second security computer, a request from a client computer to connect to a server computer; establishing an SSL connection between the second security computer and the server computer, comprising performing, by the second security computer, an SSL handshake with the server computer using a signed certificate provided by the server computer; appending, by a protocol appender of the second security computer, attributes of the signed certificate provided by the server computer within a reply message header communicated to the first security computer, the attributes including a domain name and a validity date; receiving, by the first security computer, the reply message including the header containing the certificate attributes of the server computer certificate; creating, by the first security computer, a signed certificate from the received certificate attributes of the server computer certificate; and establishing an SSL connection between the first security computer and the client computer, comprising performing an SSL handshake with the client computer using the signed certificate created by said creating. |
| 地址 |
East Palo Alto CA US |
