问题
I am trying to sign an Object in a Java + JSF project.
What I have done so far is create my own X509 certificate as well as a CA with XCA and install both of them on Firefox and Chrome.
I have been searching for 3 days how could I access it to sign (the typical pop-up asking for select a certificate in case you have more than one installed) but I just cannot find something useful. I have seen multiple times this code line:
X509Certificate[] certs = (X509Certificate[]) request.getAttribute("javax.servlet.request.X509Certificate");
but I have no clue about where can I get that request with the certificate.
1) Where can I get that request?
2) Do I need a SSL connection to be able to do this?
3) Just... how, I cannot find info so any help will be appreciated
Thanks in advance
回答1:
Due to security restrictions on browsers you can not digitally sign using the browser or system key store. Neither with javascript, nor with java nor with a plugin.
See How to make a digital signature in a web application (JavaScript) using a smartcard?
1) Where can I get that request?
X509Certificate[] certs = (X509Certificate[]) request.getAttribute("javax.servlet.request.X509Certificate");
This code is for something else. It allows to obtain the certificate of the user in an SSL identification
2) Do I need a SSL connection to be able to do this?
It is not related
3) Just... how, I cannot find info so any help will be appreciated
Alternatives:
Use WebCryptographyApi to load certificate. See How to load a PKCS#12 Digital Certificate with Javascript WebCrypto API
Use chrome messaging api (Estonia). See https://stackoverflow.com/a/29806091/6371459
Use a local application connected through javascript (Spain) See https://stackoverflow.com/a/38658414/6371459
来源:https://stackoverflow.com/questions/46193878/access-installed-certified-to-sign