公开(公告)号：US11063750B2

公开(公告)日：2021-07-13

申请号：US16774676

申请日：2020-01-28

Applicant: Citrix Systems, Inc.

Inventor： Keyoor Khristi ,  Mukul Agarwal ,  Ravi Ganesh, V ,  Saurabh Singh ,  Vishnu Prateek

IPC: H04L9/08 ,  H04L29/06 ,  H04L9/32 ,  H04L9/00

Abstract: Systems and methods for secured access to cloud-based applications or services include a service node that may receive a request from client including a URL associated with an application manager. The service node may send a URL prefix identifying a termination to the termination node. The service node may receive a client hello message from the client that includes a first field incorporating the URL prefix, and may send the client hello message to the termination node to initiate a handshake with the client using a wildcard certificate of server, for establishing a SSL channel between the client and the termination node for a session of the application. The service node can direct a communication of the session from the client to the predetermined termination node, for decryption, using the established SSL channel, according to the URL prefix incorporated in a server name indication (SNI) field of the communication.

公开(公告)号：US10574444B2

公开(公告)日：2020-02-25

申请号：US15876828

申请日：2018-01-22

Applicant: Citrix Systems, Inc.

Inventor： Keyoor Khristi ,  Mukul Agarwal ,  Ravi Ganesh, V ,  Saurabh Singh ,  Vishnu Prateek

IPC: H04L9/08 ,  H04L29/06 ,  H04L9/32 ,  H04L9/00

Abstract: Systems and methods for secured access to cloud-based applications or services include a service node that may receive a request from client including a URL associated with an application manager. The service node may send a URL prefix identifying a termination to the termination node. The service node may receive a client hello message from the client that includes a first field incorporating the URL prefix, and may send the client hello message to the termination node to initiate a handshake with the client using a wildcard certificate of server, for establishing a SSL channel between the client and the termination node for a session of the application. The service node can direct a communication of the session from the client to the predetermined termination node, for decryption, using the established SSL channel, according to the URL prefix incorporated in a server name indication (SNI) field of the communication.

公开(公告)号：US20200169394A1

公开(公告)日：2020-05-28

申请号：US16774676

申请日：2020-01-28

Applicant: Citrix Systems, Inc.

Inventor： Keyoor Khristi ,  Mukul Agarwal ,  Ravi Ganesh, V ,  Saurabh Singh ,  Vishnu Prateek

IPC: H04L9/08 ,  H04L29/06 ,  H04L9/32 ,  H04L9/00

Abstract: Systems and methods for secured access to cloud-based applications or services include a service node that may receive a request from client including a URL associated with an application manager. The service node may send a URL prefix identifying a termination to the termination node. The service node may receive a client hello message from the client that includes a first field incorporating the URL prefix, and may send the client hello message to the termination node to initiate a handshake with the client using a wildcard certificate of server, for establishing a SSL channel between the client and the termination node for a session of the application. The service node can direct a communication of the session from the client to the predetermined termination node, for decryption, using the established SSL channel, according to the URL prefix incorporated in a server name indication (SNI) field of the communication.

公开(公告)号：US20190229900A1

公开(公告)日：2019-07-25

申请号：US15876828

申请日：2018-01-22

Applicant: Citrix Systems, Inc.

Inventor： Keyoor Khristi ,  Mukul Agarwal ,  Ravi Ganesh, V ,  Saurabh Singh ,  Vishnu Prateek

IPC: H04L9/08 ,  H04L29/06 ,  H04L9/00 ,  H04L9/32

Abstract: Systems and methods for secured access to cloud-based applications or services include a service node that may receive a request from client including a URL associated with an application manager. The service node may send a URL prefix identifying a termination to the termination node. The service node may receive a client hello message from the client that includes a first field incorporating the URL prefix, and may send the client hello message to the termination node to initiate a handshake with the client using a wildcard certificate of server, for establishing a SSL channel between the client and the termination node for a session of the application. The service node can direct a communication of the session from the client to the predetermined termination node, for decryption, using the established SSL channel, according to the URL prefix incorporated in a server name indication (SNI) field of the communication.