0

Is it possible for a java web application to get digital certificates installed in Browser. What I am looking for is I will read the digital certificate from the browser and based on the certificate, I will give certain access. I tried to search in stackoverflow but did not see any similar questions.

To make things more clear, we have users have company issued laptops and has company specific digital certificates installed. Now my web application should allow or deny access based on whether these digital certificates are available. From the browser I can see the certificates as shown in the following image

Digital Certificates browser

I am looking for some method like getting all the certificates based from httpservletrequest(i know its not available, but just giving reference so that someone can point out if api of some sort is available and if it is really feasible/). Read the certificates one by one and get details like who issued it, what is the expiration date, CRL Distribution points, etc.

I know it may be a dumb question and may have security flaw, but still going for it.

Sandeep Nair
  • 3,630
  • 3
  • 26
  • 38
  • Try this link: http://stackoverflow.com/questions/9901248/reading-client-certificate-in-servlet – Doug Lamb May 11 '15 at 18:59
  • Thanks for the link. Basically I am looking for getting details of all certificates installed and visible in Web Browser. The browser itself wont send the certificates, but the server has to read the request and get the certificates. – Sandeep Nair May 11 '15 at 19:25
  • 1
    *Basically I am looking for getting details of all certificates installed and visible in Web Browser.* - If that worked, I'd consider it a security breach. I definitely don't want a server to see all my identities. – mkl May 11 '15 at 20:14
  • Upvoting thats what I think too. Thanks for confirming – Sandeep Nair May 11 '15 at 20:24

0 Answers0