sslssl-certificateclient-certificatesmutual-authentication
Sending an HTTP request with client certificates in Chrome
I have an API on Azure that is protected with mutual authentication. The server certificate is internally handled by Azure:
I've created a self signed certificate and added it to my local computer's list of Trusted Root Certification Authorities as well as my Personal certificates:
When attempting to hit the API through Chrome (specifically the Chrome App Postman), I'm getting a 403 indicating my request didn't have a certificate associated with it.
- Do I have a misunderstanding of how this should work?
- It's possible I've created the client certificate incorrectly. Everything I read online point to using OpenSSL to create these, however I had some issues getting it to run on a Windows machine and went through a variety of other tools: MakeCert, PowerShell's New-SelfSignedCertificate, and Self-Signed Certificate Generator. All seem to create certificates, but I have no real way of knowing if I created them correctly.
- If the certificate was created correctly, how do I get Chrome to submit the certificate with the request? Shouldn't it just automatically pick up the cert when I add it to the store?
Solution
Turns out I had to go to the root url of the site in chrome (i.e. https://my_app_name.azurewebsites.net) and chrome would display a pop up allowing me to choose the certificate to use with the request.
- curl error 35 : failed to receive handshake, SSL/TLS connection failed
- Curl: Fix CURL (51) SSL error: no alternative certificate subject name matches
- How to disable SSL verification in Spring Vault
- gitea using a normal user and https
- Is possible to use Amazon Elastic Beanstalk with SSL (HTTPS) without a Load Balancer?
- Received fatal alert: bad_certificate
- Composer Curl error 60: SSL certificate problem: unable to get local issuer certificate
- Reason to disable CSRF in spring boot
- Composer : SSL certificate problem: unable to get local issuer certificate
- Unable to verify leaf signature
- Java Keytool error after importing certificate , "keytool error: java.io.FileNotFoundException & Access Denied"
- SSL, Connection is not secure
- kubectl unable to connect to server: x509: certificate signed by unknown authority
- Cannot figure out why DTLS handshake does not complete
- file_get_contents(): SSL operation failed with code 1, Failed to enable crypto
- How to Check Subject Alternative Names for a SSL/TLS Certificate?
- Self-Signed CA Certificates Rejected by Android
- AWS Java SDK SSL Certificates
- How to use awx cli?
- nodejs environment variable "NODE_EXTRA_CA_CERTS"
- How to connect to MongoDB with certificate using DataGrip?
- Insomnia : Error: SSL peer certificate or SSH remote key was not OK
- AWS EC2 Spring Boot Deployment - SSL/HTTPS Error after Configuring Route 53, ACM, and GoDaddy
- Resolving javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed Error?
- Implicitly trust SSL certificates in iOS app for private API
- Protecting against MitM (https) seeing password with encryption using included pub. key in iOS/Android app
- Docker not able to pull images behind proxy TLS handshake timeout
- How come I can make SSL connections to AWS Postgre RDS, when the ca certificate already expired?
- HTTP to HTTPS Nginx too many redirects
- curl error 60 while downloading https://repo.packagist.org Certificate issue on Ubuntu?