How to open the browser certificate selection option?

Asked

Viewed 324 times

-2

I am working on a project using PHP/HTML/Javascript where will be signed with digital certificate of the clients, where they will receive a PDF document and can sign using a button. When this button is clicked, it is necessary to open the option to select the digital certificates installed on the client’s machine according to the image below and the certificate chosen is available for manipulation in PHP. How do I open this certificate selection console in chorme/firefox when the client clicks the sign button?inserir a descrição da imagem aqui

  • 1

    This configuration is on the server, and each has its own way of configuring (but usually is called "client Authentication" and has a "Certificate" option or something) - with this, the customer’s certificate will be requested when he accesses the site. Also, some browsers do not show this window if you only have a certificate installed in the client (only if you have 2 or more, so you choose - if you only have one, use what you have) - but I think some show the window always, I just don’t remember if you can configure this behavior, each browser must do it its own way.

1 answer

-1


To sign documents you would need private client key. This window only offers public key. Therefore, it is not possible to carry out this action the way you are planning.

For the sake of curiosity, many judicial authorities still use Java applets to access the certificate installed on the client’s machine and thus to sign documents. Low safety level for practicality.

  • Check this question at stackoverflow https://stackoverflow.com/questions/31057537/digitally-sign-document-with-php

  • Without the customer certificate, be it the A1 file or access to the A3 token, it is impossible to sign a document.

  • Is there a security issue allowing the client to upload the A1 certificate containing the private key to my server so that the signature is performed?

  • When I worked with this, the final client sent the certificate in an internal process of the company and a registered employee. We did not use the application for this. It depends a lot on your privacy policy since it is an item that requires a lot of protection.

  • Muito Obriagado!

Browser other questions tagged

You are not signed in. Login or sign up in order to post.