Certificate handling

Having problems with building or using CEF's C/C++ APIs? This forum is here to help. Please do not post bug reports or feature requests here.

Certificate handling

Postby fr3nzy » Wed Nov 08, 2017 8:46 am

Hello,

Currently I am using CEF 3.3202.1681.g9672a06 on Ubuntu 12.04.5 LTS x64.
In the long run i am trying to implement certificate handling (with server and client authentification).

In the first step i want to support server authentification (servers sends certificate, and my CEF application needs to validate this certificate).

Now I have implemented CefRequestHandler::OnCertificateError and CefRequestHandler::OnSelectClientCertificate functions with logging, but not one function is called.
For instance when i load single http page, it goes OnSelectClientCertificate(loading=true) -> OnLoadStart -> OnLoadEnd -> OnSelectClientCertificate(loading=false).

When I try to load same simple page via https (please note, there is no CA certificate in OS certificate store, so I anticipate OnCertificateError should occur, as it is impossible to validate certificate),
the only function that is called is OnSelectClientCertificate(loading=true), after that not one function is called (loadStart/end/Error or any implemented certificate function).

The same webpage is normally loadable from firefox and chrome.

Can someone please point out, what am i doing wrong (possibly missing some function implementation)?
Also I would like to know, where CEF looks for client certificates on Ubuntu?
fr3nzy
Techie
 
Posts: 13
Joined: Tue Sep 12, 2017 5:47 am

Re: Certificate handling

Postby magreenblatt » Wed Nov 08, 2017 11:59 am

See https://chromium.googlesource.com/chrom ... agement.md for details on how Chromium manages certificates on Linux. I would expect OnCertificateError to be called if you are visiting an HTTPS page with an invalid server certificate.

That being said, Ubuntu 12.04 is an old and unsupported platform. You might want to test with a supported Linux platform to see if the problem reproduces there.
magreenblatt
Site Admin
 
Posts: 12383
Joined: Fri May 29, 2009 6:57 pm

Re: Certificate handling

Postby fr3nzy » Thu Nov 09, 2017 1:58 am

Thank you for the response.

Before I went and testing the application on newer ubuntu, I found out that I forgot to override CefClient::GetRequestHandler (which prevented access to CefRequestHandler instance and in turn prevented call to mentioned two functions).

Sorry for the inconvenience.
fr3nzy
Techie
 
Posts: 13
Joined: Tue Sep 12, 2017 5:47 am


Return to Support Forum

Who is online

Users browsing this forum: No registered users and 48 guests