Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Testing if a client certificat is installed in the client browser

I was wondering if any of you know if it is possible in javascript or php to test if a client has a specific client certificate installed in the browser.

The thing is that we have a server certificate installed but to be recognized by the clients, they need 2 client certificates that make them recognize the authority of the issuer of our server certificate. We would like to test the browser for these 2 certificates, if there are not there, we want to propose the client to download them before to enter in https mode...

Anybody can help? Please detail your answer if you know one.

like image 542
Fabien Avatar asked Jan 04 '10 13:01

Fabien


People also ask

How do I know if client certificate is installed?

Chrome: Verifying that Your Client Certificate Is InstalledIn Chrome, go to Settings. On the Settings page, below Default browser, click Show advanced settings. Under HTTPS/SSL, click Manage certificates. In the Certificates window, on the Personal tab, you should see your Client Certificate.

How do you know if a certificate is valid on your browser?

For most browsers, look to see if a site URL begins with “https,” which indicates it has an SSL certificate. Then click on the padlock icon in the address bar to view the certificate information.

Do browsers have client certificates?

Chrome, Edge, IE, and Safari are all configured to use client certificates and private keys provided by the OS.


1 Answers

You can do it client side by using javascript to request a known file from a secured (https) source. if the request fails then it means the client refused to accept your certificate (or another network error) at this point you could popup a message to ask the user to install the root certificate with a link to the root certificate.

This must be done from a non secure page. otherwise the user may refuse your certificate and never load the page to start with and therefore your javascript never runs

It can't be done in PHP because php (which is server side) cannot determine whether the client browser has a particular root ca installed

I however would not do this. get a proper certificate instead.

You appear to have insufficient understanding of how SSL works in general. I suggest spending some time understanding how SSL works and how certificates are used.

DC

to learn about sending and receiving http responses with javascript read this page..

http://www.w3schools.com/XML/xml_http.asp

It can be used to send and receive any text data, not just xml. It is real easy to implement but you must be aware of browser version issues.

DC

like image 133
DeveloperChris Avatar answered Oct 04 '22 19:10

DeveloperChris