Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Detect unsecure ssl-Connection

Tags:

javascript

ssl

ssl-certificate

self-signed

We are running an intranet application which uses a self-signed ssl cert.

The customer does trust our CA.

We are using this way since several years.

On some PCs our CA was not imported and the user does get the warning from the browser everyday.

Unfortunately the users do not tell us this, they just say "accept cert" again and again.

Is there a way to detect the trust of the page?

We are running the web application and would like to get a note, if a browser does accept the cert manually. Then we can get in touch with the admin of the PC and send him a hint that a PC does not trust our CA yet.

Maybe it is possible to detect this way JavaScript?

This is good: ssl-ok

We want to get a note if it looks like this: ssl-no-ok

Update I am not responsible for the client PC. I do not have access to them to install or manage certs.

like image 350
guettli Avatar asked Feb 05 '19 09:02

guettli

People also ask

How do I check if my SSL is secure?

To check an SSL certificate on any website, all you need to do is follow two simple steps. First, check if the URL of the website begins with HTTPS, where S indicates it has an SSL certificate. Second, click on the padlock icon on the address bar to check all the detailed information related to the certificate.

What is insecure SSL?

Browser HTTPS errorsIf you attempt to connect to a site that has a missing, invalid, or self-signed SSL certificate using an HTTPS URL, your browser shows a security warning such as 'Your connection to this site is not secure' in Chrome or 'Potential Security Risk Ahead' in Firefox.

How can you tell if a website is unsecure?

Look at the uniform resource locator (URL) of the website. A secure URL should begin with “https” rather than “http.” The “s” in “https” stands for secure, which indicates that the site is using a Secure Sockets Layer (SSL) Certificate.

1 Answers

This is possible, however browser support is not very high at the moment. If you can live with not supporting anything but chromium based browsers and firefox (these do make up the majority of user agents), you can use

window.isSecureContext

to find out, if the browser trusts your cert. So in order to log every time someone does not trust your cert you could do:

if (!window.isSecureContext){
    //do ajax call
}
like image 171
DysphoricUnicorn Avatar answered Oct 10 '22 20:10

DysphoricUnicorn
Sign in to Comment

Related questions

Different results for tensorflowjs and keras on same model and tensor
Does the first next() in js generator function always execute until the first yield?
How to prevent React from re-rendering the whole component
azure function service bus output message properties
Why does the TypeScript transpiler compile enums into dictionary lookups instead of simple objects?
Why spread() method doesn't work in Sequelize?
Understanding ES6 Named Imports
Jest tests with enzyme and connect() giving `import connectAdvanced from '../components/connectAdvanced';`
Exactly when does the background script in a chrome extension get run?
AngularJS - Which scope is better performance wise? Object.key or Some Variable?
Lit-Element: which event to use for DOM updates?
How to stub contentwindow.print with cypress/test printJS with cypress
Why is this JavaScript not interpreted as a code block when semi-colon is used?
How to add pagination on vue-tables-2 using Laravel rest api?
R shinydashboard: specifying div style width argument as percentage to fit a resizeable JS plot
Can I limit jstree check box to only parents with children?
ReactJS - ref not working with connect and redux-form
Skip the function if executing time too long. JavaScript
React history.push reloads component. Want it to load only once
Is completing the Subject necessary when using the takeUntil pattern to unsubscribe from Observables?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!