Chromium Embedded Framework Forum

[mrborman]

Hello!
Can you please say, how i must add a root sertificate to CEF? When i try to open sites by https - some sites opens successfully, but some (who was signed not by well-known CA) i can't open. Some times it is white screen and andless loading (i.e. https://finist.71036.kz ) sometimes it is error -101. (i.e. https://pki.gov.kz/). With http - they will be opened w/o problems. So, i think - problem in "non-standard" CA? How i must fix this problem?

I have tried "cefclient.exe --disable-web-security --ignore-certificate-errors" but w/o any changes.

Thanks.

[magreenblatt]

CEF/Chromium uses the OS certificate store. So you should install the root certificate using whatever method your OS supports.

[ndesktop]

The issuer (ҰЛТТЫҚ КУӘЛАНДЫРУШЫ ОРТАЛЫҚ (RSA)) seems to be some Kazakhstan certificate authority which indeed is not in Root CA.

[mrborman]

Thanks. But:

1. I have installed a CA certificate as a entrusted root certificate. "Chrome" began to open the website normally. (Before Chrome also didn't open the website). But CEF still doesn't open (error -101).

2. I need to exempt the user from excess gestures. The Application will work with one website with one certificate which is supposed to be embedded in the application. Not to force the user to put separately the certificate. User must download application, run it and begin to work. No any other actions. (Application for state structures.).

Are any ways to solve my task?...

[magreenblatt]

Is CefRequestHandler::OnCertificateError being called for your certificate? If so, you can try allowing it there.

[mrborman]

i'm very sorry, but.... i can't find OnCertificateError anywhere in project. Where is it?

[ndesktop]

i'm very sorry, but.... i can't find OnCertificateError anywhere in project. Where is it?

Defined here and sample implementation here.