5

The Objective

I need to open this JavaScript certificate Modal on Browser to user select their Certificate (It's on Portuguese sorry):

enter image description here

Then save it on my Action like this:

[HttpGet]
public ActionResult GetClientCertificate() {
    var requestCertificate = System.Web.HttpContext.Current.Request.ClientCertificate;

    ///Transform to byte[] and save on DataBase
}

The Problem

I have spend a lot of time researching because it's my first contact to this kind of Technology, but no metter what I do, i can't make it work. Modal never open's and ClientCertificate is always empty. It's really possible to achive this on JavaScript?

Context

ISS Config

<access sslFlags="SslNegotiateCert" />

<applicationDependencies>
    <application name="Active Server Pages" groupId="ASP" />
</applicationDependencies>

<authentication>

    <anonymousAuthentication enabled="true" userName="" />

    <basicAuthentication enabled="false" />

    <clientCertificateMappingAuthentication enabled="true" />

    <digestAuthentication enabled="false" />

    <iisClientCertificateMappingAuthentication enabled="true">
    </iisClientCertificateMappingAuthentication>

    <windowsAuthentication enabled="false">
        <providers>
            <add value="Negotiate" />
            <add value="NTLM" />
        </providers>
    </windowsAuthentication>

</authentication>

<authorization>
    <add accessType="Allow" users="*" />
</authorization>

JS

$(document).on("click", "#btnCertificate", function() {
    $.get("/Gerenciamento/CertificadoDigital/GetCertificate", null, function(data) {
        //// Redirect to other page
    });
});

Links

This are the questions that I had seem so far (half of then unanswered):

Matheus Cuba
  • 2,068
  • 1
  • 20
  • 31
  • 4
    the browser automatically prompts user for selecting a certificate when is requested a SSL/TLS URL which requires client authentication. **It is not appliable to AJAX requests**. If the browser don't show the certificate form when you insert the right URL in the address bar, then review the server configuration. Ensure that the client certificate options are set as **mandatory** and you have properly set the accepted CA certificates. If the browser does not have any certificate issued by the accepted CAs, it will not show the form – pedrofb Dec 24 '17 at 11:40

1 Answers1

8

After a lot of research (and with the help of @pedrofb), I discover that is impossible to trigger the Prompt Requesting Client Certificate by Ajax (or JavaScript) , having to make the server configuration trigger it by the url, leading me to change my approch to this.

I solve it by asking the user to uploud the .pptx file of the certificate to save on our database as a , to later when I need converting it to a X509Certificate

Matheus Cuba
  • 2,068
  • 1
  • 20
  • 31
  • I was implementing client certificate authentication and came across this post here. Any idea if it is possible to parse/intercept the X509Certificate before making the server request using JavaScript. I wanted to pass the issuer name of that certificate in the request header. – vikash.gupta Jan 23 '21 at 10:44
  • @VikashGupta Hello, you will need a JS library such as [this](https://github.com/fidm/x509) to parse the certificate in the browser before the request – Matheus Cuba Jan 25 '21 at 13:38