[ https://issues.apache.org/jira/browse/CB-2669?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13955219#comment-13955219 ]
Jamie Brooks commented on CB-2669: ---------------------------------- In the end, we wrote an extension to Cordova to support mutual SSL -- the extension, however, in written in Objective C and therefore only works on iOS. > Support for mutual SSL (on Ajax calls) > -------------------------------------- > > Key: CB-2669 > URL: https://issues.apache.org/jira/browse/CB-2669 > Project: Apache Cordova > Issue Type: New Feature > Components: iOS > Affects Versions: 2.5.0 > Environment: In many situations, two-factor authentication is > mandatory. > Reporter: Jamie Brooks > Labels: SSL, clientcertificate, core, mutualSSL, two-factor > Original Estimate: 48h > Remaining Estimate: 48h > > In some situations, two-factor authentication is required, and client > certificates (a X.509 certificate with a 1.3.6.1.5.5.7.3.2 enhanced key > usage) are a popular choice as a first factor. With mutual SSL, the client > verifies the server's identity (server authentication) and the server > verifies the client's identity (client authentication). Unfortunately, > Cordova does not support mutual SSL. -- This message was sent by Atlassian JIRA (v6.2#6252)