Problems Choosing Local Certificate Using CEF3 - Can not find solution!

Re: Problems Choosing Local Certificate Using CEF3 - Can not find solution!

Post by salvadordf »

Hi,

You don't need to modify the CEF libraries if the certificate is installed in Windows. The TChromium.OnSelectClientCertificate event is used to let the user select a certificate.

These are the code comments in CEF for that event :

  ///
  // Called on the UI thread when a client certificate is being requested for
  // authentication. Return false (0) to use the default behavior and
  // automatically select the first certificate available. Return true (1) and
  // call cef_select_client_certificate_callback_t::Select either in this
  // function or at a later time to select a certificate. Do not call Select or
  // call it with NULL to continue without using any certificate. |isProxy|
  // indicates whether the host is an HTTPS proxy or the origin server. |host|
  // and |port| contains the hostname and port of the SSL server. |certificates|
  // is the list of certificates to choose from; this list has already been
  // pruned by Chromium so that it only contains certificates from issuers that
  // the server trusts.
  ///

The link to that information in API docs is this:
https://magpcss.org/ceforum/apidocs3/pr ... llback%3E)

As you can see, that event is called in a CEF thread. What the CEF code comments refer to as "UI thread" is not the same as the main thread in your application.

This means that your application can't show a form to select a certificate inside that event because VCL doesn't like to create and destroy controls in different threads. You need to copy the TChromium.OnSelectClientCertificate parameters, set the "aResult" parameter to TRUE and send a custom Windows message to the main form to show your certificate selection form in the main thread.

The procedure handling that custom message would show a list of certificates and then call "callback.select" with the selected certificate as parameter. These are the code comments for the callback.select procedure :

  ///
  // Chooses the specified certificate for client certificate authentication.
  // NULL value means that no client certificate should be used.
  ///

Remember to set the callback copy variable to NIL before closing the browser to avoid shutdown errors.

You may also need to use the TChromium.OnCertificateError event to handle certificate errors.

At this moment CEF doesn't support certificates stored in smartcards, only certificates installed in Windows.
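The hand-off described in the post above, sketched as an added Delphi example that is not part of the original post or of CEF4Delphi's own code. The unit, form, field and message names (uMainForm, TMainForm, FCerts, FCallback, MSG_SELECTCERT, SelectCertMsg) are hypothetical, the InputQuery prompt stands in for a real certificate selection form, and the event signature is assumed from CEF4Delphi's TChromium.OnSelectClientCertificate and should be checked against the installed version.

```pascal
unit uMainForm; // added example; unit, form and message names are hypothetical
interface
uses
  Winapi.Windows, Winapi.Messages, System.SysUtils, Vcl.Forms, Vcl.Dialogs,
  uCEFChromium, uCEFInterfaces, uCEFTypes;
const
  MSG_SELECTCERT = WM_APP + $100; // hypothetical custom message
type
  TMainForm = class(TForm)
    Chromium1: TChromium;
    procedure Chromium1SelectClientCertificate(Sender: TObject;
      const browser: ICefBrowser; isProxy: Boolean; const host: ustring;
      port: Integer; certificatesCount: NativeUInt;
      const certificates: TCefX509CertificateArray;
      const callback: ICefSelectClientCertificateCallback; var aResult: Boolean);
    procedure FormClose(Sender: TObject; var Action: TCloseAction);
  private
    FCerts: TCefX509CertificateArray;               // copy of the pruned list
    FCallback: ICefSelectClientCertificateCallback; // copy of the callback
    procedure SelectCertMsg(var aMsg: TMessage); message MSG_SELECTCERT;
  end;
implementation
{$R *.dfm}
procedure TMainForm.Chromium1SelectClientCertificate; // parameters as declared above
begin
  // Runs on a CEF thread: copy the parameters and create no VCL controls here.
  FCerts    := Copy(certificates);
  FCallback := callback;
  aResult   := True; // Select is called later instead of taking the first certificate
  PostMessage(Handle, MSG_SELECTCERT, 0, 0);
end;

procedure TMainForm.SelectCertMsg(var aMsg: TMessage);
var i: Integer; Prompt, Value: string;
begin // runs on the main thread, so showing a dialog is safe
  if FCallback = nil then Exit;
  Prompt := ''; Value := '';
  for i := 0 to High(FCerts) do
    Prompt := Prompt + IntToStr(i) + ': ' + FCerts[i].GetSubject.GetDisplayName + sLineBreak;
  if not InputQuery('Client certificate', Prompt + 'Index to use:', Value) then Value := '';
  i := StrToIntDef(Value, -1); // cancelled or invalid input gives -1
  if (i >= 0) and (i <= High(FCerts)) then FCallback.Select(FCerts[i])
  else FCallback.Select(nil); // continue without a client certificate
  FCallback := nil; FCerts := nil;
end;

procedure TMainForm.FormClose(Sender: TObject; var Action: TCloseAction);
begin FCallback := nil; FCerts := nil; end; // release the copies before the browser closes
end.
```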