4

When using an HTML5 keygen element, the form posts (among others) a certificate signing request (in SPKAC format) to the server. The server then sends the corresponding certificate with mime-type application/x-x509-user-cert. I implemented this without problems.

My problem now is how I can continue the flow, deliver the certificate and redirect to another page. I tried two things and both failed: (this is flask code)

r = Response(userCert, status=302, mimetype='application/x-x509-user-cert')  
r.headers['Location'] = url_for('index') 

r = Response(userCert, mimetype='application/x-x509-user-cert')  
r.headers['Refresh'] = "1; url=%s" % url_for('index')

In the former case, the browser fails to install the certificate, but redirects correctly; In the latter case, the browser (FF) installs the certificate, but fails to go to the new page.

Bud P. Bruegger
  • 1,021
  • 10
  • 15
  • In the meantime, I also tried a mime multipart response with both, subtype "mixed" and "mixed-replace", respectively. The former attempt doesn't seem to do much, in the latter, I get a file save dialog... – Bud P. Bruegger Dec 20 '14 at 17:38

1 Answers1

0

After A LOT of banging my head against the wall, I finally found a way that is half way usable:

I launch the page with the form that contains the keygen element from another html page. The keygen page submits on load; and the parent page closes the keygen page after a timeout.

Not certain what happens if the timeout is too short though. But I didn't find any event that indicates that a certificate has been loaded...

Bud P. Bruegger
  • 1,021
  • 10
  • 15