Prompting for client certificates, ASP or AJAX solution needed...


Im setting up an area on our website to accept client certificates. I have the setup working, have configured an OCSP module to check the validity of the certificate. The website is running on IIS6.

The issue im trying to get around at the moment is how to prompt for the certificate - currently the only method i know off is to configure IIS to either Accept or Require client certs - and again this works fine. In our website we have a registration page, which allows users to either manually enter their details, or hopefully click on a button that will prompt them to use their client certificate (at which point i will extract information from the certificate and pre-populate the registration form). The only way i can currently achieve this is to have a link from the registration page to page that requires a client certificate - however because its a link the user has then navigated away from the registration page. Ideally what id like to be able to do is to prompt for the certificate from the registration page and then extract the information. I thought this would be possible using either AJAX or MSXML (ASP) however it appears that call requires a client certificate to have been presented before the remote request is made.

Any clever ideas anyone?

Thhanks in advance
Who is Participating?
Michel PlungjanIT ExpertCommented:
It does not have to be an image.

<img name="regImage" src="blank.gif" width="1" height="1"
onLoad="if (this.src.indexOf('blank')==-1) getCertificateStuff()">

and have

<a href="#"
return false">Whatever</a>

and have the someServerprocess.asp set a cookie and have getCertificateStuff() read that cookie
Michel PlungjanIT ExpertCommented:
Never tried this.

How about loading an image from a directory that needs certificate?
partnershipdevAuthor Commented:
Ho mplungian,

It could be a possiblity, but how would the registration page return values from the certificate - effectively the image in the secured directory would be the only object with access to the clients certificate (and of course that isnt possible either!)

Any thoughts?
partnershipdevAuthor Commented:

Great solution....with some modifications i got this solution to work perfectly.

Thanks for your suggestions.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.