Skip to content
This repository has been archived by the owner on Dec 11, 2019. It is now read-only.

add a way to view TLS certificates #1057

Closed
diracdeltas opened this issue Mar 10, 2016 · 12 comments · Fixed by #2428
Closed

add a way to view TLS certificates #1057

diracdeltas opened this issue Mar 10, 2016 · 12 comments · Fixed by #2428

Comments

@diracdeltas
Copy link
Member

There should be some way to at least view/download the raw TLS certificate on an HTTPS site. However, AFAICT the cert is only exposed to javascript when there is a certificate error event.

For sites where there is a cert error, the frame security state includes

       cert: {
            data: Uint8Array,
            issuer: string
        }

This should be visible somewhere in the UI - either by clicking on the lock icon in the URL bar, or as an advanced option on about:certerror.

@ramSeraph
Copy link

I came here after seeing the good-first-bug label. Can I have a go at this?

@diracdeltas
Copy link
Member Author

Go for it; let me know if you have questions

@ramSeraph
Copy link

Sure, Will do

@ramSeraph
Copy link

Do we need to show the TLS cert only when there is a cert error or do we want to show it always?

Even for the error case, the comment on this line seems to suggest that the ommision of the raw TLS cert was intentional for the "about:certerror" page. Should I go ahead and send the cert anyway or is there a way to pull the TLS cert lazily when required?

For the case when there is no cert error, if we really want it, we can probably make changes to electron to make the TLS cert available. I don't mind giving this a shot as long as I don't need to touch chromium :).

@diracdeltas
Copy link
Member Author

Do we need to show the TLS cert only when there is a cert error or do we want to show it always?

For now, I think it's fine to just show it when there's an error. Eventually it will be nice to show it always, but as you mentioned, that requires changing Electron. :)

https://github.com/brave/browser-laptop/blob/master/js/components/frame.js#L328 was happening as of a few Electron releases ago; i would try sending the cert anyway in hopes that the crash has been fixed now.

if it still crashes, you can make the about:certerror page send a message to the main process asking for the cert for a given URL when the user clicks a Show certificate button. Similar to this code path. Then in app/index.js, add an IPC listener for that message and return the cert to e.sender.

@ramSeraph
Copy link

Ack. Fixing problems with my dev env currently( I have a gnome ban, the gnome-keyring dependency was unexpected ). Will send a PR when done.

@kenorb
Copy link
Contributor

kenorb commented May 7, 2016

The certificate can be checked in DevTools in Security tab, however clicking on View certificate in Overview does nothing. Same for Secure Origins pages below, where Open full certificate details doesn't do anything.

@cezaraugusto
Copy link
Contributor

@ramSeraph are you still working on this issue?

@ramSeraph
Copy link

Nope. Sorry. Got busy elsewhere

@darkdh
Copy link
Member

darkdh commented Jul 3, 2016

@ramSeraph , would you mind if I take it from here?

darkdh added a commit to darkdh/browser-laptop that referenced this issue Jul 9, 2016
darkdh added a commit to darkdh/browser-laptop that referenced this issue Jul 12, 2016
darkdh added a commit to darkdh/browser-laptop that referenced this issue Jul 13, 2016
darkdh added a commit to darkdh/browser-laptop that referenced this issue Jul 15, 2016
darkdh added a commit to darkdh/browser-laptop that referenced this issue Jul 15, 2016
@luixxiul
Copy link
Contributor

Is this in 0.11.2?

@bbondy bbondy added this to the 0.11.2dev milestone Jul 20, 2016
@bbondy
Copy link
Member

bbondy commented Jul 20, 2016

yep not this release but next

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Projects
None yet
Development

Successfully merging a pull request may close this issue.

8 participants