java - Access installed certified to sign

Question

I am trying to sign an Object in a Java + JSF project.

What I have done so far is create my own X509 certificate as well as a CA with XCA and install both of them on Firefox and Chrome.

I have been searching for 3 days how could I access it to sign (the typical pop-up asking for select a certificate in case you have more than one installed) but I just cannot find something useful. I have seen multiple times this code line:

X509Certificate[] certs = (X509Certificate[]) request.getAttribute("javax.servlet.request.X509Certificate");

but I have no clue about where can I get that request with the certificate.

1) Where can I get that request?

2) Do I need a SSL connection to be able to do this?

3) Just... how, I cannot find info so any help will be appreciated

Thanks in advance

Answer 1

Due to security restrictions on browsers you can not digitally sign using the browser or system key store. Neither with javascript, nor with java nor with a plugin.

See How to make a digital signature in a web application (JavaScript) using a smartcard?

1) Where can I get that request?

X509Certificate[] certs = (X509Certificate[]) request.getAttribute("javax.servlet.request.X509Certificate");

This code is for something else. It allows to obtain the certificate of the user in an SSL identification

2) Do I need a SSL connection to be able to do this?

It is not related

3) Just... how, I cannot find info so any help will be appreciated

Alternatives:

• Use WebCryptographyApi to load certificate. See How to load a PKCS#12 Digital Certificate with Javascript WebCrypto API

• Use chrome messaging api (Estonia). See https://stackoverflow.com/a/29806091/6371459

• Use a local application connected through javascript (Spain) See https://stackoverflow.com/a/38658414/6371459