admin管理员组文章数量:1326665
Is this possible with JavaScript or PHP? I want to be able to detect if my private CA is installed on the user's iOS or Android device. From there I can decide whether to provide instructions for installation or not. I've been "googlin" and haven't found anything useful. Has anyone tried this before? I want to find out what I should spend my time learning. If it's not possible, could you suggest an in browser alternative?
EDIT : I don't have a choice here and it's not my decision. A private CA certificate is going to be used for other security reasons.
Is this possible with JavaScript or PHP? I want to be able to detect if my private CA is installed on the user's iOS or Android device. From there I can decide whether to provide instructions for installation or not. I've been "googlin" and haven't found anything useful. Has anyone tried this before? I want to find out what I should spend my time learning. If it's not possible, could you suggest an in browser alternative?
EDIT : I don't have a choice here and it's not my decision. A private CA certificate is going to be used for other security reasons.
Share Improve this question edited Aug 27, 2013 at 20:56 Jonny Sooter asked Aug 27, 2013 at 18:56 Jonny SooterJonny Sooter 2,4171 gold badge24 silver badges40 bronze badges2 Answers
Reset to default 7I doubt there will be any sort of device query to test this.
I haven't actually done this, but you could probably e up with a test where the JavaScript makes an AJAX request to an https server that uses the certificate you want to test for. If the request succeeds, then the certificate is working. (This question seems to imply that AJAX requests will (correctly) fail if the SSL certificate doens't validate)
Note that, because the scheme (http or https) of the URL will be different (and maybe the domain depending on how you set this up), your test site will have to use the CORS Access-Control-Allow-Origin
header to allow the browser to make the request. See: AJAX calls to untrusted (self-signed) HTTPS fail silently
EDIT:
I had some time and put together a very simple example. Goto http://ssl_test.gjp . That page will attempt to make an AJAX request to https://ssl_test2.gjp, which uses a self-signed certificate. Before you trusted ssl_test2
, you will see "Failed" on the ssl_test
page, however once you trust the certificate for ssl_test2
, you should always see "Success" on ssl_test
.
Note that this doesn't prove that your user has the CA cert installed - all it proves is that they have configured their browser to trust the test site (ssl_test2
). If you never directly point the user to the test site, then they will never have the chance to trust only that site, so this should work reasonably well.
Maybe this will help :
<img src="https://the_site/the_image" onerror="redirectToCertPage()" />
本文标签: phpCan we detect if a root CA certificate is installedStack Overflow
版权声明:本文标题:php - Can we detect if a root CA certificate is installed? - Stack Overflow 内容由网友自发贡献,该文观点仅代表作者本人, 转载请联系作者并注明出处:http://www.betaflare.com/web/1742203745a2432431.html, 本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌抄袭侵权/违法违规的内容,一经查实,本站将立刻删除。
发表评论