3

We have use case where we need to pass the client Certificate and Key over Http. And this has to achieved in a single HTTP Request. Meaning, Client will send a HTTP GET and in HTTP response we need to send the clientCertificate and keys.

I tried making below tests,

  1. I generated pem file to containing client Key and cert and set the content type of http reposne as "application/x-pem-file" [Result] : Mozilla and chrome are not understanding the mime type and its asking to save.

    1. if i use the mime type "application/x-x509-user-cert" , mozilla is interpreting mime type but throwing an error.

I am not sure how we can achieve this (passing client certs and keys to browser over HTTP). Kindly help us.

Thanks Pradeep

4

1 回答 1

1

首先,您需要确定要发送哪个密钥。私钥几乎从不以这种方式传输——这是一个很大的安全漏洞。如果您只发送公钥 - 这个公钥已经包含在证书中。

现在证书的规范格式是二进制 DER 编码。PEM 和任何同样非标准的东西都没有机会被浏览器识别。即你可以发送并希望它被浏览器处理的是二进制 DER 证书本身。

于 2013-06-07T05:54:52.703 回答