Renegotiate the SSL/TLS session if requested to allow to 'requestCert' per http request #2496
Comments
There is a report for current webid implementation in node. with a working module. Maybe this helps to further understand the problem and/or test this issue: http://magnetik.github.com/node-webid-report/ |
+1 |
Any news or updates on this issue? Will it make it into 0.8? |
Probably not. I didn't (and don't) have time to work on it. |
Any news or updates on this issue? |
I am also very interested in this! Any news on this? |
Wont' be in 0.10. Maybe 0.12. |
I am using a curl client where i set the certificate. I only want to use this with curl. Can I use req.authenticate , but not force the client to choose a certificate. If I want to use a certificate I set it on the client (curl) manually. Browsers won't create the popup window. Can I configure something like that? It would be a kind of workaround for me.... |
@indutny Any interest in doing this? |
@isaacs lets see what I can do about it. |
Let me know if i can help you in any way. Testing etc. Would be great if we were able to use that in node |
See wip #6114 |
This utility function allows renegotiaion of secure connection after establishing it. fix nodejs#2496
Fixed in af76b08 ! |
@indutny Sorry to be posting this almost 2 years later, but is it possible that you give an example of how this can be used to achieve the desired effect in the original question? Like how you can have certificate selection dialog box only on www.example.com/login, especially if we're using https = require('https').Server(options,app) where options has the fields requestCert and rejectUnauthorized? Thanks! |
At the moment a https server can be configured with 'requestCert:true'. This asks the client to provide a client certificate. In the browser this will pop up a dialog to select a certificate on every request to any url. Sometimes this is OK, but sometimes not. Especially for WebID (http://www.w3.org/2005/Incubator/webid/spec/) Authentication and Authorization (http://webid.info/) you usually want to deliver a nice login UI for your users and just want to show that certificate selection dialog on specific requests to urls like http://example.com/login for instance.
The corresponding Mailing List Thread where initial discussion with @bnoordhuis began: http://groups.google.com/group/nodejs/browse_thread/thread/ac6f4336825a4113
Kind regards
The text was updated successfully, but these errors were encountered: