Ok, I've explored further. It's not so much a null problem. It seems
that, when I get the SSL cert using the code below, for the FIRST
REQUEST AND RESPONSE I get the cert from the previous site. If there
was no cert, I get nothing.
This leads me to believe that this is _not_ the right way to be getting
the ssl cert for the server to which the browser is connecting. It
likely works for most cases, but there HAS to be a better way.
Any help?
In article <[EMAIL PROTECTED]>,
Chris Masone <[EMAIL PROTECTED]> wrote:
> Here is the problem I'm having...on the first request/response pair,
> there is no SSLStatus object! I've sniffed the traffic, and it appears
> to be encrypted, but for some reason that first pair doesn't seem to
> have a certificate associated with it. Here's the code I'm using
> (lifted pretty much straight from the sslbar folks, so many thanks to
> them!) to get the cert:
>
> var b = getBrowser();
> if (b)
> {
> var sui = b.securityUI;
> if (sui)
> {
> var prov = sui.QueryInterface(nsISSLStatusProvider);
> if (prov)
> {
> var status = prov.SSLStatus;
> if (status)
> {
> status = status.QueryInterface(nsISSLStatus);
> if (status)
> {
> return status.serverCert;
> }
> }
> }
> }
> }
> return null;
>
> The first time I connect to a server over HTTPS, for both the first
> outgoing request and incoming response, the 'status' object in the above
> code is null. In subsequent requests and responses, it's fine and I get
> the cert no problem.
_______________________________________________
dev-tech-crypto mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-tech-crypto
