Testing if a client certificat is installed in the client browser

Question

I was wondering if any of you know if it is possible in javascript or php to test if a client has a specific client certificate installed in the browser.

The thing is that we have a server certificate installed but to be recognized by the clients, they need 2 client certificates that make them recognize the authority of the issuer of our server certificate. We would like to test the browser for these 2 certificates, if there are not there, we want to propose the client to download them before to enter in https mode...

Anybody can help? Please detail your answer if you know one.

Answer 1

You can do it client side by using javascript to request a known file from a secured (https) source. if the request fails then it means the client refused to accept your certificate (or another network error) at this point you could popup a message to ask the user to install the root certificate with a link to the root certificate.

This must be done from a non secure page. otherwise the user may refuse your certificate and never load the page to start with and therefore your javascript never runs

It can't be done in PHP because php (which is server side) cannot determine whether the client browser has a particular root ca installed

I however would not do this. get a proper certificate instead.

You appear to have insufficient understanding of how SSL works in general. I suggest spending some time understanding how SSL works and how certificates are used.

DC

to learn about sending and receiving http responses with javascript read this page..

http://www.w3schools.com/XML/xml_http.asp

It can be used to send and receive any text data, not just xml. It is real easy to implement but you must be aware of browser version issues.

DC