问题
I want to enable passwordless authentication in Converse.js, using CA signed certificates, but I am having troubles with it. Here is what I've done:
- Added the CA in the truststore for OpenFire;
- Added the OpenFire certificate in its keystore;
- Created a client valid and signed certificate.
I have also set some properties in the OpenFire server, i.e., sasl.mechs: EXTERNAL, xmpp.client.certificate.verify: true and xmpp.client.cert.policy: wanted.
My converse script looks like:
converse.initialize({
bosh_service_url: 'https://localhost:7443/http-bind/',
authentication: 'external',
show_controlbox_by_default: true,
debug: true,
});
As from this blog post, I expected the browser to request the user to provide the certificate with a popup, but I keep getting:
Failed to load resource: net::ERR_CERT_AUTHORITY_INVALID
Any help will be appreciated.
来源:https://stackoverflow.com/questions/49542252/converse-js-and-openfire-passwordless-authentication-certificates