Best way to use a client certificate


#1

I’d like to write an app that uses a REST API which requires a special client certificate to access. From what I’ve read using a client certificate inside the HTML code requires the user to install the certificate in their Chrome browser certificate store. However there is a NodeJS HTTPS module that seems to be able load a pem file directly and make https calls using it. My question is which is the best way to deal with this?

If we use the API directly in the HTML code (Angular 5) we would need to install the certificate in the Chrome certificate store right? Is there any automated way to do that? Even if we have to do it from the installer that’s fine. I just don’t want to have to explain to the user how to do it manually.

Alternatively would it be feasible to write some sort of proxy API using the nodejs https module and access that from our Angular code instead?

Or is there some 3rd option I’m not considering to accomplish this? I have sample code written in python and java that can use the certificate directly. I guess maybe I could write a proxy using one of those languages and call them as native functions. But then I’d have to maintain another bit of code and both of those would require additional platform installs to function. So I’d rather avoid this route if possible.


#2

Anyone have any experience with this?