Prompting for client certificates, ASP or AJAX solution needed...
Posted on 2007-10-04
Im setting up an area on our website to accept client certificates. I have the setup working, have configured an OCSP module to check the validity of the certificate. The website is running on IIS6.
The issue im trying to get around at the moment is how to prompt for the certificate - currently the only method i know off is to configure IIS to either Accept or Require client certs - and again this works fine. In our website we have a registration page, which allows users to either manually enter their details, or hopefully click on a button that will prompt them to use their client certificate (at which point i will extract information from the certificate and pre-populate the registration form). The only way i can currently achieve this is to have a link from the registration page to page that requires a client certificate - however because its a link the user has then navigated away from the registration page. Ideally what id like to be able to do is to prompt for the certificate from the registration page and then extract the information. I thought this would be possible using either AJAX or MSXML (ASP) however it appears that call requires a client certificate to have been presented before the remote request is made.
Any clever ideas anyone?
Thhanks in advance