简体繁体 English

我如何使用 HTTPS 客户端证书保护 api 与 Firefox

[英]How can I use an HTTPS client certificate protected api with Firefox

原文 2022-10-01 06:34:30 7 1 security/ firefox/ https/ client-certificates

I have protected my staging environment with an HTTPS client certificate.我使用 HTTPS 客户端证书保护了我的暂存环境。 The site consists of multiple subdomains rest.site.com, files.site.com, site.com, etc.该站点由多个子域rest.site.com、files.site.com、site.com等组成。
Everyone has the same certificate.每个人都有相同的证书。
The problem is that firefox doesn't send a client certificate with cors preflight requests.问题是 firefox 没有发送带有 cors 预检请求的客户端证书。 Which means those request will inevitably always fail and so firefox refuses to access the api at all.这意味着这些请求将不可避免地总是失败，因此 firefox 根本拒绝访问 api。
So is there a way to force firefox to send the certificate with the preflight request?那么有没有办法强制 firefox 发送带有预检请求的证书？

1 个解决方案

type into the url bar about:config在 url 栏中输入about:config
find network.cors_preflight.allow_client_cert找到network.cors_preflight.allow_client_cert
set to true设置为true

client certs will now be sent with preflight requests客户端证书现在将与预检请求一起发送

如何使用客户端证书在Web API中进行身份验证和授权 - How to use a client certificate to authenticate and authorize in a Web API

如何使用Ssl Stream获取/存储客户端证书？ - How can I get/store client certificate using Ssl Stream?

如何在客户端拦截HTTPS响应？ - How can I intercept the HTTPS response in the client side?

我可以为客户端和服务器Java SSL使用相同的自签名证书吗？ - Can I use the same self signed certificate for client and server Java SSL

如何使用msbuild添加可在IIS中使用的安全证书 - How can I use msbuild to add a security certificate that I can use in IIS

如何让自己获得在https中使用的密钥和证书对？ - How can you get yourself a key and certificate pair for using in https?

使用X509Certificate2在https中进行客户端证书认证 - client certificate authentication in https using X509Certificate2

客户端（网络浏览器）如何使用 CA 证书上的公钥来验证服务器证书上的数字签名？ - How a client(web browser) use public key on CA certificate to authenticate digital signature on server certificate?

SSL客户端如何验证服务器的证书？ - How can the SSL client validate the server's certificate?

如何测试使用HTTPS的客户端应用程序对MITMA的保护？ - How can a client app using HTTPS be tested for protection against a MITMA?

暂无

暂无

声明:本站的技术帖子网页，遵循CC BY-SA 4.0协议，如果您需要转载，请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 如何使用客户端证书在Web API中进行身份验证和授权 - How to use a client certificate to authenticate and authorize in a Web API 如何使用Ssl Stream获取/存储客户端证书？ - How can I get/store client certificate using Ssl Stream? 如何在客户端拦截HTTPS响应？ - How can I intercept the HTTPS response in the client side? 我可以为客户端和服务器Java SSL使用相同的自签名证书吗？ - Can I use the same self signed certificate for client and server Java SSL 如何使用msbuild添加可在IIS中使用的安全证书 - How can I use msbuild to add a security certificate that I can use in IIS 如何让自己获得在https中使用的密钥和证书对？ - How can you get yourself a key and certificate pair for using in https? 使用X509Certificate2在https中进行客户端证书认证 - client certificate authentication in https using X509Certificate2 客户端（网络浏览器）如何使用 CA 证书上的公钥来验证服务器证书上的数字签名？ - How a client(web browser) use public key on CA certificate to authenticate digital signature on server certificate? SSL客户端如何验证服务器的证书？ - How can the SSL client validate the server's certificate? 如何测试使用HTTPS的客户端应用程序对MITMA的保护？ - How can a client app using HTTPS be tested for protection against a MITMA?

相关标签

粤ICP备18138465号 © 2020-2024 STACKOOM.COM