OnClientCertificateRequested
Interface AntView
Type: Event
Parameters: Boolean Cancel Boolean Handled String Host String HostInfo String TrustedCerts Integer SelectedCert
Event that triggers when a client certificate is requested by the website visited.
Get/Set Cancel. By setting Cancel to True you cancel the connection to the URL as was set, the default is false.
Get/Set Handled. By setting Handled to True you indicate that you are handling the client certificate selection, the default is false. If you are not handling the certificate selection then the WebView2 control will show a popup with the possible client certificates to select. If you do not have matching client certificates installed then you will be denied access to the site (Error 400)
Host (read-only) contains the domain name of the site you want to access.
HostInfo (read-only) is a JSON object that contains the port number and if the host is behind a proxy server.
HostInfo should also contain an array of strings with the names of the relevant Certificate Authorities. At the time of writing this does nor work due to a bug in WebView2 (see github issue #2346). Seems like they provide raw DER data in a string.
So for the moment this detail is missing from the JSON.
TrustedCerts (read-only) is a JSON object array that lists the available client certificates installed on the browser's computer that you can choose from. The "id" name/value pair identifies the certificate to select.
SelectedCert is used to select the certificate when the Handled parameter is set to True.
More details can be found at the Microsoft .Net interface: CoreWebView2.ClientCertificateRequested.
The site https://badssl.com is convenient for running some tests and has been made available by some people of the Chromium team.
We use it here to explain how AntView works with client certificates.
First install the client certificate by downloading it from https://badssl.com/download/. You can install the .p12 file via the following steps:
- Open MS Edge
- Click on the 3 dots (...) in the top right (settings & more)
- Select "Settings" in the menu.
- On the left select "Privacy, Search & Services"
- Scroll down until "Security"
- Click "Manage certificates"
- On the "Personal" tab page, click on the "Import" button
- Follow the steps on the wizard, browse for file name to where you downloaded your .p12 file.
- Change File Type from "X.509 (*.cer,*.crt)" into "Personal Information Exchange (*.p12)", now you can select the file "badssl.com-client.p12"
- Click "open", Click "Next"
- Enter password "badssl.com" (without the quotes)
- Click "Next", "Next" -> "Finish"
Then visit the client certificate specific test at https://client.badssl.com
When the OnClientCertificateRequested event triggers, you'll find the following data in the parameters:
Cancel = False
Handled = False
Host = "client.badssl.com"
HostInfo = '{"port":443,"isProxy":false}'
TrustedCerts = '{"certificates":[{"id":0,"subject":"BadSSL Client Certificate","issuer":"BadSSL Client Root Certificate Authority","displayName":"BadSSL Client Certificate","serialNumber":"","kind":2,"validFrom":"2022-03-29T02:07:45.000Z","validTo":"2024-03-28T01:07:45.000Z","pem":"-----BEGIN CERTIFICATE-----
\nMIIEnTCCAoWgAwIBAgIJAMiF+U0bhCcoMA0GCSqGSIb3DQEBCwUAMH4xCzAJBgNV
.... SNIP and a LOT MORE DATA HERE ....
\nggTTMnNZTBamkf+/GVqhZ/bk3Woco4vYG5q6XKFJOkN/
\n-----END CERTIFICATE-----
\n"}]}'
SelectedCert = -1
You can then select that certificate automatically by changing Handled to True and setting SelectedCert to the id of the certificate you wan to use. As we only have 1 client certificate here, that means setting SelectedCert to 0.
If you had not installed the client certificate then the following would show:
Cancel = False
Handled = False
Host = "client.badssl.com"
HostInfo = '{"port":443,"isProxy":false}'
TrustedCerts = '{"certificates":[]}'
SelectedCert = -1
and the page will display:
400 Bad Request
No required SSL certificate was sent
nginx/1.10.3 (Ubuntu)
without even so much as a certificate selector that pops up as in that case there is no certificate to select from.
Introduced in AntView release 1.1.164
AntView - The MS Edge WebView2 ActiveX control Date last changed: 09/25/2024