passing the Client certificate over HTTP
Question
We have use case where we need to pass the client Certificate and Key over Http. And this has to achieved in a single HTTP Request. Meaning, Client will send a HTTP GET and in HTTP response we need to send the clientCertificate and keys.
I tried making below tests,
I generated pem file to containing client Key and cert and set the content type of http reposne as "application/x-pem-file" [Result] : Mozilla and chrome are not understanding the mime type and its asking to save.
- if i use the mime type "application/x-x509-user-cert" , mozilla is interpreting mime type but throwing an error.
I am not sure how we can achieve this (passing client certs and keys to browser over HTTP). Kindly help us.
Thanks Pradeep
1 answers
solution1
1 2013-06-07 05:54:52
First you need to determine, which key you want to send. Private keys are almost never transmitted this way - that's a big security flaw. And if you send only public key - this one is already contained in the certificate.
Now canonical format for certificate is binary DER encoding. PEM and anything equally non-standard doesn't have a single chance to be recognized by the browser. Ie what you can send and hope that it will be handled by the browser is binary DER certificate itself.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.