JGridstart/Browser certificate installation

From PDP/Grid Wiki
Revision as of 15:20, 18 May 2009 by Wvengen@nikhef.nl (talk | contribs) (initial version)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigationJump to search

Installing a certificate into a browser can be done in a lot of ways, some of which are cumbersome for the user, others are a lot of work to implement for the developer. jGridStart is a Java application, so the starting point is to install a client certificate and private key into browsers' keystores. Some approaches are discussed below.

Open PKCS#12 file with browser

When a PKCS#12 file containing the private key and certificate is opened with a web browser, it would be sensible to install that into the browser's keystore. This probably works on Windows, but Mozilla Firefox doesn't and handles it as an ordinary downloaded file. When served over HTTP instead of opening a local file with mimetype application/x-x509-user-cert, Firefox only imports the certificate if a private key is already present in its keystore (so it would only work with the KeyGen tag). [1]

Related

Retrieved from "https://wiki.nikhef.nl/grid/index.php?title=JGridstart/Browser_certificate_installation&oldid=2683"