call certificate

[rodog]

Good morning, On some sites I can click on the button referring to the certificate and it reads normally, but on a specific site it doesn't call the certificate for choice. But in chrome it calls correctly. So I was thinking about forcing the certificate call on site login. It's possible? Grateful

[salvadordf]

Hi,

If a web page requires user authentication using a certificate then Chromium will trigger the TChromium.OnSelectClientCertificate event with an array of certificates that can be used to authenticate the user in that page.

This is what the CEF documents say about that event :

Called on the UI thread when a client certificate is being requested for authentication. Return false to use the default behavior and automatically select the first certificate available. Return true and call CefSelectClientCertificateCallback::Select either in this method or at a later time to select a certificate. Do not call Select or call it with NULL to continue without using any certificate. |isProxy| indicates whether the host is an HTTPS proxy or the origin server. |host| and |port| contains the hostname and port of the SSL server. |certificates| is the list of certificates to choose from; this list has already been pruned by Chromium so that it only contains certificates from issuers that the server trusts.

https://magpcss.org/ceforum/apidocs3/projects/(default)/CefRequestHandler.html#OnSelectClientCertificate(CefRefPtr%3CCefBrowser%3E,bool,constCefString&,int,constX509CertificateList&,CefRefPtr%3CCefSelectClientCertificateCallback%3E)

If your application doesn't use that event then Chromium will use the first certificate available, if any.

If your application uses that event and sets Result to True then you can call callback.select with one of the certificates available in the "certificates" array.

If Chrome and CEF show different certificates then compare the versions of Chrome and Chromium in CEF.

[rodog]

Hi,

If a web page requires user authentication using a certificate then Chromium will trigger the TChromium.OnSelectClientCertificate event with an array of certificates that can be used to authenticate the user in that page.

This is what the CEF documents say about that event :

Called on the UI thread when a client certificate is being requested for authentication. Return false to use the default behavior and automatically select the first certificate available. Return true and call CefSelectClientCertificateCallback::Select either in this method or at a later time to select a certificate. Do not call Select or call it with NULL to continue without using any certificate. |isProxy| indicates whether the host is an HTTPS proxy or the origin server. |host| and |port| contains the hostname and port of the SSL server. |certificates| is the list of certificates to choose from; this list has already been pruned by Chromium so that it only contains certificates from issuers that the server trusts.

https://magpcss.org/ceforum/apidocs3/projects/(default)/CefRequestHandler.html#OnSelectClientCertificate(CefRefPtr%3CCefBrowser%3E,bool,constCefString&,int,constX509CertificateList&,CefRefPtr%3CCefSelectClientCertificateCallback%3E)

If your application doesn't use that event then Chromium will use the first certificate available, if any.

If your application uses that event and sets Result to True then you can call callback.select with one of the certificates available in the "certificates" array.

If Chrome and CEF show different certificates then compare the versions of Chrome and Chromium in CEF.

1

Good morning, yes, but I don't know if I explained myself correctly. How do I call the certificate without the page asking to call? Like, if I want onshow to call the certificate.

Grateful

[salvadordf]

CEF only allows to select user certificates when a web page requires them, not before.

[rodog]

CEF only allows to select user certificates when a web page requires them, not before.

http://www.nfe.fazenda.gov.br/portal/consultaRecaptcha.aspx?tipoConsulta=resumo&tipoConteudo=7PhJ+gAVw2g=

on this page, after reading the access key, if I click on download document, there is no option to select certificate, it just opens a weird window for me to click ok and nothing else happens. What could I be doing wrong?

thankful

[salvadordf]

I can't test that page but I just tried to access a government page in Spain using one of my certificates and it worked correctly.

Try to open that page using BriskBard :
https://www.briskbard.com/index.php?lang=en&pageid=download

BriskBard uses CEF by default and it implements all necessary CEF events to authenticate the user.

[rodog]

I can't test that page but I just tried to access a government page in Spain using one of my certificates and it worked correctly.

Try to open that page using BriskBard :
https://www.briskbard.com/index.php?lang=en&pageid=download

BriskBard uses CEF by default and it implements all necessary CEF events to authenticate the user.

Well, on other pages it reads correctly, but on this one in particular, I don't know what to do...

[salvadordf]

There is an unresolved issue in CEF with NTLM authentication :
https://bitbucket.org/chromiumembedded/cef/issues/3110/ntlm-authenentication-not-working

Perhaps that page is using that authentication method.

Try setting GlobalCEFApp.DisableRequestHandlingForTesting to TRUE before the GlobalCEFApp.StartMainProcess call in the DPR file.

Some people in that issue say that a possible workaround is using a proxy. See the MiniBrowser demo to know how to use a proxy in CEF.

[rodog]

There is an unresolved issue in CEF with NTLM authentication :
https://bitbucket.org/chromiumembedded/cef/issues/3110/ntlm-authenentication-not-working

Perhaps that page is using that authentication method.

Try setting GlobalCEFApp.DisableRequestHandlingForTesting to TRUE before the GlobalCEFApp.StartMainProcess call in the DPR file.

Some people in that issue say that a possible workaround is using a proxy. See the MiniBrowser demo to know how to use a proxy in CEF.

It worked out! Thank you!