
Can we detect if a root CA certificate is installed?

Is this possible with JavaScript or PHP? I want to be able to detect if my private CA is installed on the user's iOS or Android device. From there I can decide whether to provide instructions for installation or not. I've been "googlin" and haven't found anything useful. Has anyone tried this before? I want to find out what I should spend my time learning. If it's not possible, could you suggest an in-browser alternative?

EDIT : I don't have a choice here and it's not my decision. A private CA certificate is going to be used for other security reasons.

Jonny Sooter asked Aug 27 '13 18:08


2 Answers

I doubt there will be any sort of device query to test this.

I haven't actually done this, but you could probably come up with a test where the JavaScript makes an AJAX request to an https server that uses the certificate you want to test for. If the request succeeds, then the certificate is working. (This question seems to imply that AJAX requests will (correctly) fail if the SSL certificate doesn't validate.)

Note that, because the scheme (http or https) of the URL will be different (and maybe the domain depending on how you set this up), your test site will have to use the CORS Access-Control-Allow-Origin header to allow the browser to make the request. See: AJAX calls to untrusted (self-signed) HTTPS fail silently

EDIT: I had some time and put together a very simple example. Go to http://ssl_test.gjp.cc . That page will attempt to make an AJAX request to https://ssl_test2.gjp.cc, which uses a self-signed certificate. Before you trust ssl_test2, you will see "Failed" on the ssl_test page; however, once you trust the certificate for ssl_test2, you should always see "Success" on ssl_test.

Note that this doesn't prove that your user has the CA cert installed - all it proves is that they have configured their browser to trust the test site (ssl_test2). If you never directly point the user to the test site, then they will never have the chance to trust only that site, so this should work reasonably well.

George answered Sep 24 '22 02:09
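
The probe described in the answer above, as an added example that is not part of the original post. It goes one step further by pairing the private-CA request with a control request to a publicly trusted host, so that a network outage is not mistaken for a missing CA. Both URLs and all function names are hypothetical.

```javascript
// Added example. Both URLs are hypothetical placeholders, not from the original post.
const CONTROL_URL = "https://control.example.test/ping";    // certificate from a public CA
const PRIVATE_URL = "https://private-ca.example.test/ping"; // certificate from the private CA

// One CORS request; resolves to "ok", "failed" or "timeout".
// Browsers hide why a cross-origin request failed, so "failed" covers
// certificate errors, CORS errors and network errors alike.
async function probe(url, fetchImpl, timeoutMs) {
  const controller = new AbortController();
  const timer = setTimeout(() => controller.abort(), timeoutMs);
  try {
    const res = await fetchImpl(url, {
      mode: "cors",        // the probe server must send Access-Control-Allow-Origin
      cache: "no-store",   // never let a cached response answer the probe
      credentials: "omit", // the probe needs no cookies
      signal: controller.signal,
    });
    return res.ok ? "ok" : "failed";
  } catch (err) {
    return err && err.name === "AbortError" ? "timeout" : "failed";
  } finally {
    clearTimeout(timer);
  }
}

// Combine the two probe results into a verdict.
function interpret(control, priv) {
  // Success shows the browser accepts the probe site's certificate:
  // either the CA is installed or the user trusted that one site.
  if (priv === "ok") return "trusted";
  // Network works (control passed) but the private-CA host was rejected.
  if (control === "ok" && priv === "failed") return "not-trusted";
  // Offline, blocked, or timed out: do not guess.
  return "inconclusive";
}

async function checkPrivateCa(opts = {}) {
  const { fetchImpl = globalThis.fetch, timeoutMs = 4000,
          controlUrl = CONTROL_URL, privateUrl = PRIVATE_URL } = opts;
  const [control, priv] = await Promise.all([
    probe(controlUrl, fetchImpl, timeoutMs),
    probe(privateUrl, fetchImpl, timeoutMs),
  ]);
  return interpret(control, priv);
}
```

Show the installation instructions only on "not-trusted"; on "inconclusive", retry or offer them as an optional link.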


Maybe this will help:

<img src="https://the_site/the_image" onerror="redirectToCertPage()" />
btpka3 answered Sep 24 '22 02:09