Does electron work with client certificates?


#1

Hello there, I am trying to get my electron wrapped app work with client certificates. Is this a possibility?

https://github.com/electron/electron/blob/master/docs/api/app.md#appimportcertificateoptions-callback-linux --> this function does not work on OS X (haven’t tried on linux)

Bottom line, one of my customer sites uses a client cert and I was curious if I can get electron to download and use that certificate like Chrome does

thx


#2

It does.

For future reference, my code stub for main.js to pick a client certificate from inside the app:

app.on('select-client-certificate', (event, webContents, url, list, callback) => {
  console.log('select-client-certificate', url, list)
  event.preventDefault()

  ipc.once('client-certificate-selected', (event, item) => {
    console.log('selected:', item)
    callback(item)
  })

  mainWindow.webContents.send('select-client-certificate', list)
})

app.on('certificate-error', (event, webContents, url, error, certificate, callback) => {
  console.log('certificate-error', url)
  event.preventDefault()
  const result = ... // do your validation here
  callback(result)
})

It can be stripped down to a bare minimum, but you seriously have to put at least some thought in it to prevent embarrassing security incidents in the future.


#4

You should install your client certificates into a chrome certificate storage first.


#5

Did you try the pfx and passphrase option from the https library (doc)?

var opts = {
    protocol: 'https',
    hostname: 'myserver.com',
}
opts.pfx = new Buffer(_certificateData, 'base64');
opts.passphrase = _certificatePassphrase;
var request = https.request(opts);