You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Basically, I'd like to be able to digitally sign an xml doc in the browser using a browser supplied certificate. I see the examples for signing using a randomly generated keypair but is it possible to load it from the browser's api?
The text was updated successfully, but these errors were encountered:
Sounds like you want to use a certificate that is enrolled locally into the operating system?
The samples here utilize what I have been calling a browser bound certificate, the key pair and certificate being created within the security boundary of the browser.
An application we have made called Hancock uses this concept to enroll for a certificate from a CA and in turn uses that certificate for signing. I explain this to say, mainly for posterity sake, that the samples are not using a randomly generated key pair (though for brevity sake I suppose there may be an example or two of this) but certificates generated within the browser.
I suspect what you are asking is if you can use a certificate and key stored in CryptoAPI, NSS or OSX Crypto. Browsers by design, do not provide a mechanism to escape the security boundaries it providers, this includes giving web applications un-fettered access to cryptographic keys and certificates.
With that said we have built a client you can install that does enable the base scenario I think you are asking about, check out Fortify, here is a post I did about it.
Basically, I'd like to be able to digitally sign an xml doc in the browser using a browser supplied certificate. I see the examples for signing using a randomly generated keypair but is it possible to load it from the browser's api?
The text was updated successfully, but these errors were encountered: