Chromium Embedded Framework Forum

by **stariq** » Tue Mar 24, 2015 4:44 am

Hello,

I have a project which requires embedding a browser into a Windows native application, the natural choice was CEF and all seems well. That was until the project requirements came to demand support for SSL Mutual authentication. We have an enrollment process which installs the client certificate into the Windows certificate store, but I'm struggling with CEF and understanding how to present the challenging site with the stored certificate.

Any help would be massively appreciated.

Thanks
Tariq

by **magreenblatt** » Tue Mar 24, 2015 11:05 am

Using branch 2272 or newer you can implement CefRequestHandler::OnCertificateError and verify the certificate in your application before accepting it.

by **stariq** » Tue Mar 24, 2015 1:13 pm

Ah - Maybe a little confusion; I'm hoping to be challenged for a client certificate to authenticate my session, not validating some certificates presented by the server.

Thanks,
Tariq

by **magreenblatt** » Tue Mar 24, 2015 1:30 pm

stariq wrote:Ah - Maybe a little confusion; I'm hoping to be challenged for a client certificate to authenticate my session, not validating some certificates presented by the server.

Does it currently work in Google Chrome? If so, how do you configure it? If not, it won't work in CEF either.

by **magreenblatt** » Tue Mar 24, 2015 1:42 pm

Client certificates appear to be handled via ResourceLoader::OnCertificateRequested and SSLClientAuthHandler in Chrome. A similar implementation will be required in CEF to support client certificates. You're welcome to add an issue in the CEF issue tracker, however you will likely need to implement this functionality yourself (or hire someone to do it for you).

by **stariq** » Wed Mar 25, 2015 2:50 am

magreenblatt wrote:however you will likely need to implement this functionality yourself (or hire someone to do it for you).

I don't suppose you could put me in touch with a contractor who would be skilled enough to take on this challenge?

by **magreenblatt** » Wed Mar 25, 2015 1:58 pm

stariq wrote:
magreenblatt wrote:however you will likely need to implement this functionality yourself (or hire someone to do it for you).

I don't suppose you could put me in touch with a contractor who would be skilled enough to take on this challenge?

I replied to you in PM. We can continue the conversation there.

by **sdnorton** » Sun Apr 12, 2015 12:44 pm

Hello,

I am interested in support for this as well. Could you let us know the progress or plan (if there is one) for getting support for client certificates into the master branch (or any branch really)?

Thank you
Steve

by **magreenblatt** » Mon Apr 13, 2015 4:28 am

sdnorton wrote:Could you let us know the progress or plan (if there is one) for getting support for client certificates into the master branch (or any branch really)?

There is no additional information available at this time.

Chromium Embedded Framework Forum

SSL Mutual Authentication

SSL Mutual Authentication

Re: SSL Mutual Authentication

Re: SSL Mutual Authentication

Re: SSL Mutual Authentication

Re: SSL Mutual Authentication

Re: SSL Mutual Authentication

Re: SSL Mutual Authentication

Re: SSL Mutual Authentication

Re: SSL Mutual Authentication

Who is online