PDA

View Full Version : SOAP with browser certificate authentication



DanielFerreiraJorge
8 Jan 2013, 8:57 AM
Hi, is it possible for sencha to get the information of certificates stored in the browser? I need to securely connect to a SOAP web service using PKCS12 certificates stored in my customer's browser.

I NEED this to be done on the client side, with javascript, since my customers will not upload their certificates to the server.

If sencha does not provide a solution for this, does anybody know a JS lib to do this? (Notice that the problem is NOT that I need a library to manipulate certificates, I can use forge for that. I need a library that can ACCESS the certificate stored in the browser)

Thank you very much!

friend
8 Jan 2013, 10:44 AM
I think you may be confused about a browser's ability to negotiate TLS/SSL and the WS-Security mechanisms typically used for securing SOAP endpoints.

Javascript plays no part in any of these processes.

Here's a good article that may shed some light on the situation:

http://www.javaworld.com/javaworld/jw-03-2003/jw-0321-wssecurity.html

tridinger
10 Oct 2013, 1:15 PM
I'm looking for a similar solution. The server side JSON calls require a client certificate. If wrapped with cordova, will the client side cert be passed to the server?