主权项 |
1. A certificate deployment bridging apparatus configured to be connected to a network to operate, within a public key infrastructure (PKI), as a bridge between (i) a certificate registration apparatus that communicates with a certificate deployment target based on a specific certificate deployment protocol and (ii) a target deployment device that is not configured to conform to the specific certificate deployment protocol and is not configured to generate public key and private key, said certificate deployment apparatus comprising:
a server interface part that communicates, in conformance with the specific certificate deployment protocol, with a certificate registration apparatus through a network; and a device interface part that (1) generates specific items of information for a certificate signing request corresponding to the target deployment device and sends to the target deployment device the specific items of information to be stored in the target deployment device, and (2) generates a key pair including a private key and a public key for the target deployment device and sends to the target deployment device the key pair to be stored in the target deployment device, wherein the certificate deployment bridging apparatus, after generating the specific items of information for the certificate signing request corresponding to the target deployment device and generating the key pair of the private key and the public key for the target deployment device, generates a self-signed certificate based on the specific items of information corresponding to the target deployment device and including the public key of the target deployment device, in conformance with the specific certificate deployment protocol, employs a certificate from a certificate authority to encrypt the self-signed certificate and transmits the encrypted self-signed certificate, through the server interface part, to the certificate registration apparatus. |