[solved] OnCertificateError called for trusted cert in nssdb

Having problems with building or using CEF's C/C++ APIs? This forum is here to help. Please do not post bug reports or feature requests here.

Re: OnCertificateError called for trusted cert in nssdb

Postby magreenblatt » Mon Sep 06, 2021 10:47 am

As stated above, the callback is likely not valid after you navigate in the frame. You may need to call LoadURL and load the same URL again, and maybe you will get a new callback that you can continue.
magreenblatt
Site Admin
 
Posts: 12382
Joined: Fri May 29, 2009 6:57 pm

Re: OnCertificateError called for trusted cert in nssdb

Postby olzzen » Wed Sep 08, 2021 2:23 am

Thanks for your reply. We no longer save the callback, as we can't see a way to check wether a callback is valid or not.
Because of the root cause of the original problem being a chromium bug, we marking this thread as solved as we have implemented a workaround.

We have implemented an application-internal certificate-store with the following responsibilities
1. track informations about user-accepted self-signed certificates
2. interface to the NSS-DB to query certificate informations

This certificate-store is used in
  • RequestHandler::OnBeforeBrowse
    We encode the information that the user wants to ignore an invalid certificate in the URL. If this URL gets called, the corresponding certificate is inserted into the store. The target URL is extracted from the URL-parameters and loaded with LoadURL.
  • RequestHandler::OnCertificateError
    The store is checked for the invalid certificate and if its contained (either as user-accepted certificate or as trusted certificate in the NSS-DB) the callback will continue. If the certificate is not contained, we load the error information page (see first post). The callback is cancelled.
  • LoadHandler::OnLoadError
    If the error code is ERR_INSECURE_RESPONSE, the store is checked for the invalid certificate and if its contained, the browser gets reloaded. Otherwise we load the error information page.
olzzen
Techie
 
Posts: 46
Joined: Fri Oct 23, 2015 1:01 am

Previous

Return to Support Forum

Who is online

Users browsing this forum: No registered users and 34 guests