在 Web 浏览器中,JavaScript 是否可以获取有关用于当前页面的 HTTPS 证书的信息?
是否有一种方法可以让浏览器中运行的 JavaScript 确定使用哪个 CA 证书来验证浏览器当前 HTTPS 连接的远程主机,并获取该证书的属性,例如 CA 的名称?
Is there a method for JavaScript running in a browser to determine which CA certificate is being used to authenticate the remote host for the browser's current HTTPS connection, and also obtain properties of that certificate, such as the name of the CA?
如果没有,是否还有其他选择以编程方式获取此信息,例如服务器端的 ActiveX、Java、CGI,...?
If not, are there any other options for programatically obtaining this information, such as ActiveX, Java, CGI on the server side, ...?
您可以使用开源的Forge 项目 做到这一点.它在 JavaScript 中实现了 SSL/TLS.您可以对服务器进行 ajax 调用并使用回调来检查证书.请记住,服务器是发送 JavaScript 的服务器,因此不应使用它来确定您是否信任 JavaScript 来自的服务器.Forge 项目确实允许跨域请求,因此如果您将其用于信任,您可以从您已经信任的服务器加载 Forge JavaScript,然后联系您尚不信任的服务器.但是,除非其他服务器提供跨域策略,否则您将无法执行跨域请求.
You can use the opensource Forge project to do this. It implements SSL/TLS in JavaScript. You can make an ajax call to the server and use a callback to inspect the certificate. Keep in mind that the server is the one sending the JavaScript so this shouldn't be used to determine whether or not you trust the server the JavaScript is from. The Forge project does allow cross-domain requests, so if you are using this for trust, you can load the Forge JavaScript from a server you already trust and then contact the server you don't yet trust. However, unless that other server provides a cross-domain policy, you will not be able to perform the cross-domain request.
https://github.com/digitalbazaar/forge/blob/master/README.md
自述文件中的博客链接提供了有关如何使用 Forge 及其工作原理的更多信息.
The blog links in the README provide more information on how Forge can be used and how it works.