2

I am trying to sign an Object in a Java + JSF project.

What I have done so far is create my own X509 certificate as well as a CA with XCA and install both of them on Firefox and Chrome.

I have been searching for 3 days how could I access it to sign (the typical pop-up asking for select a certificate in case you have more than one installed) but I just cannot find something useful. I have seen multiple times this code line:

X509Certificate[] certs = (X509Certificate[]) request.getAttribute("javax.servlet.request.X509Certificate");

but I have no clue about where can I get that request with the certificate.

1) Where can I get that request?

2) Do I need a SSL connection to be able to do this?

3) Just... how, I cannot find info so any help will be appreciated

Thanks in advance

Kukeltje
  • 12,223
  • 4
  • 24
  • 47
Aldeguer
  • 821
  • 9
  • 32

1 Answers1

4

Due to security restrictions on browsers you can not digitally sign using the browser or system key store. Neither with javascript, nor with java nor with a plugin.

See How to make a digital signature in a web application (JavaScript) using a smartcard?

1) Where can I get that request?

X509Certificate[] certs = (X509Certificate[]) request.getAttribute("javax.servlet.request.X509Certificate");

This code is for something else. It allows to obtain the certificate of the user in an SSL identification

2) Do I need a SSL connection to be able to do this?

It is not related

3) Just... how, I cannot find info so any help will be appreciated

Alternatives:

pedrofb
  • 37,271
  • 5
  • 94
  • 142