How to pass a client certificate automatically in JavaScript (I am using XmlHttpRequest to make the call)? If this is not possible (and from what I have read it isn't because it is the browser which determines this security aspect and not the javascript running within it) then can I atleast prompt the user to select a client certificate on an event click? Any other way to acplish this? The code will run in IE.
I am currently getting an HTTP Forbidden (requesting a client certificate) when I connect to the URL. There is no prompt for any client cert selection similar to what I get when I call this URL directly from my browser window. Since I am able to connect to the URL, I presume that I am not going to run into any CORS specific issue.
For more details - here is what I am trying to acpalish in Javascript: .aspx Thanks!
How to pass a client certificate automatically in JavaScript (I am using XmlHttpRequest to make the call)? If this is not possible (and from what I have read it isn't because it is the browser which determines this security aspect and not the javascript running within it) then can I atleast prompt the user to select a client certificate on an event click? Any other way to acplish this? The code will run in IE.
I am currently getting an HTTP Forbidden (requesting a client certificate) when I connect to the URL. There is no prompt for any client cert selection similar to what I get when I call this URL directly from my browser window. Since I am able to connect to the URL, I presume that I am not going to run into any CORS specific issue.
For more details - here is what I am trying to acpalish in Javascript: http://msdn.microsoft./en-us/library/dn458823.aspx Thanks!
Share Improve this question asked Jan 19, 2015 at 21:32 Piyush JoshiPiyush Joshi 831 silver badge4 bronze badges1 Answer
Reset to default 6The client certificate exchange happens during the SSL handshake, before the HTTPS connection is established. It all happens in the browser at layer 5 while your application is working at layer 7. You can't affect client certificate exchange in JavaScript at all.
If the exchange is not happening there is a configuration issue on the server or in the browser. If the client certificate is installed in the browser, it will automatically be sent in response to a matching client certificate request from the server. If that's not happening then something is misconfigured.