Java Chromium Embedded Framework (JCEF). A simple framework for embedding Chromium-based browsers in other applications using the Java programming language.
Is your feature request related to a problem? Please describe.
Yes. When connecting to a server with self signed certificates, it would be nice to have access to the CefSslInfo so that we can grab the server's x509 certificate and check it against a trust store that was previously specified by the user. Having this feature should help in determining whether or not communicating with servers that use self-signed certificates is safe. Many DOD environments do not use public trust authorities.
Describe the solution you'd like
It looks like this is available in chromiumembedded/cef but not java-cef. It would be nice for that to be exposed in jcef so that we can grab the x509 cert. This information should be exposed on CefRequestHandler::onCertificateError.
Describe alternatives you've considered
In the mean time I'm opening a separate HTTPSUrlConnection to establish the connection by specifying a socket factory, and inferring that the trust succeeds/fails based on whether the connection is successful from using that socket factory. I need to avoid static setters like SSLContext.setDefault and HttpsUrlConnection.setDefaultSslSocketFactory since in my case I'm running in a plugin environment, and would not want to overwrite global values across all plugins in the app.
Is your feature request related to a problem? Please describe. Yes. When connecting to a server with self signed certificates, it would be nice to have access to the CefSslInfo so that we can grab the server's x509 certificate and check it against a trust store that was previously specified by the user. Having this feature should help in determining whether or not communicating with servers that use self-signed certificates is safe. Many DOD environments do not use public trust authorities.
Describe the solution you'd like It looks like this is available in chromiumembedded/cef but not java-cef. It would be nice for that to be exposed in jcef so that we can grab the x509 cert. This information should be exposed on CefRequestHandler::onCertificateError.
Describe alternatives you've considered In the mean time I'm opening a separate HTTPSUrlConnection to establish the connection by specifying a socket factory, and inferring that the trust succeeds/fails based on whether the connection is successful from using that socket factory. I need to avoid static setters like SSLContext.setDefault and HttpsUrlConnection.setDefaultSslSocketFactory since in my case I'm running in a plugin environment, and would not want to overwrite global values across all plugins in the app.