I have founded one way to do what I want I have used the JCAPI lib (www.phoex.com) in an applet So, now the user can choose the cert to send to server. It works on Windows keystore.
On 2/17/06, David Tonhofer, m-plify S.A. <[EMAIL PROTECTED]> wrote: > --On Friday, February 17, 2006 2:01 PM -0300 Luis Henrique <[EMAIL > PROTECTED]> wrote: > > > I dont care about the session security. > > I just want to associate the broser user with one in my database. For > > this a need to get his cert. > > > You *can* set up HTTPS then drop to NULL encryption :-P To get the cert > transparently you have to use the HTTPS protocol - there is no other > wide-recognized protocol to get at the cert. Consider: > > You have to make sure that the cert you get is actually one that the > user is allowed to present you (one that he didn't snatch off the > neighbour's disk). This is done by checking whether the client also > owns the private key associated to the public key in the cert, so > some encryption traffic will have to take place. > > > Best, > > -- David > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]