How to pass a client certificate automatically in JavaScript (I am using XmlHttpRequest to make the call)? If this is not possible (and from what I have read it isn't because it is the browser which determines this security aspect and not the javascript running within it) then can I atleast prompt the user to select a client certificate on an event click? Any other way to accomplish this? The code will run in IE.
I am currently getting an HTTP Forbidden (requesting a client certificate) when I connect to the URL. There is no prompt for any client cert selection similar to what I get when I call this URL directly from my browser window. Since I am able to connect to the URL, I presume that I am not going to run into any CORS specific issue.
For more details - here is what I am trying to accompalish in Javascript: http://msdn.microsoft.com/en-us/library/dn458823.aspx Thanks!
The client certificate exchange happens during the SSL handshake, before the HTTPS connection is established. It all happens in the browser at layer 5 while your application is working at layer 7. You can't affect client certificate exchange in JavaScript at all.
If the exchange is not happening there is a configuration issue on the server or in the browser. If the client certificate is installed in the browser, it will automatically be sent in response to a matching client certificate request from the server. If that's not happening then something is misconfigured.
来源:https://stackoverflow.com/questions/28033824/sending-client-certificate-via-javascript