如何使用JavaScript或jQuery获取证书列表? [英] How to get Certificate List using JavaScript or jQuery?

问题描述

我们以前使用Applet来获取安装在客户端计算机上的密钥库证书.现在，当chrome停止使用NPAPI时，Applet现在无法正常工作，因此请使用Javascript/jQuery找到一些解决方案.

We are using Applet previously to get Key Store Certificates installed in client's machine. Now as chrome stops NPAPI, Applet is not working now, so finding some solution using Javascript / jQuery.

我试图获取KeyStore中安装的总证书列表，但找不到任何解决方案.有谁知道如何使用JavaScript或jQuery获取完整的证书列表?

I am trying to get the total Certificate List for installs in KeyStore, but I can't find any solutions. Does any one know how to get the full Certificate List using JavaScript or jQuery?

推荐答案

您无法使用客户端中运行的JavaScript来做到这一点.

You cannot do that with JavaScript running in the client.

请参见在WebCrypto邮件列表中输入以下内容:

2015年6月24日，星期三，杰弗里·沃尔顿(Jeffrey Walton)，下午1:50 写道:

On Wed, Jun 24, 2015 at 1:50 PM, Jeffrey Walton wrote:

我看到WebCrypto API将允许发现密钥 ( http://www.w3.org/TR/WebCryptoAPI/):

I see the WebCrypto API will allow discovery of keys (http://www.w3.org/TR/WebCryptoAPI/):

除了签名生成等操作 和验证，哈希和验证以及加密 和解密，API提供了密钥的接口 生成，密钥派生，密钥导入和导出，以及 关键发现.

In addition to operations such as signature generation and verification, hashing and verification, and encryption and decryption, the API provides interfaces for key generation, key derivation, key import and export, and key discovery.

证书具有公钥，并且不如私钥敏感 键.

Certificates have public keys, and they are not as sensitive as private keys.

WebCrypto API允许发现/枚举证书吗?

Will the WebCrypto API allow discovery/enumeration of certificates?

我想发现或枚举的示例(除了 私钥):

Examples of what I would like to discover or enumerate (in addition to the private keys):

• 受信任的根
• 客户证书

• Trusted roots
• Client certs

受信任的根位于平台的信任库中.客户证书可能是 在信任库中.

Trusted Roots are in the platform's trust store. Client certs may be in the trust store.

预先感谢， 杰夫

Thanks in advance, Jeff

Chrome并没有计划实施这种计划，这是出于希望明显而又重要的隐私理由.

There are no plans from Chrome to implement such, on the hopefully obvious and significant privacy grounds.

客户端证书包含PII.受信任的证书包含PII和 指纹.

Client certs contain PII. Trusted certs contain PII and fingerprinting.

在现代的沙盒操作系统(例如iOS和Android)中， 应用程序也无法枚举，因为那些平台提供商 得出相同的结论.

In modern, sandboxed operating systems, such as iOS and Android, applications cannot enumerate either, as those platform providers reached the same conclusion.

所以没有.永远不会. 1

So no. Never.1

1 确实有很长的价值永远不会

1 For some really long value of never

这篇关于如何使用JavaScript或jQuery获取证书列表?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！