chromiumembedded / java-cef

Java Chromium Embedded Framework (JCEF). A simple framework for embedding Chromium-based browsers in other applications using the Java programming language.
https://bitbucket.org/chromiumembedded/java-cef
Other
655 stars 147 forks source link

Expose CefSslInfo on CefRequestHandler::onCertificateError #449

Open adam-sherpa6 opened 1 year ago

adam-sherpa6 commented 1 year ago

Is your feature request related to a problem? Please describe. Yes. When connecting to a server with self signed certificates, it would be nice to have access to the CefSslInfo so that we can grab the server's x509 certificate and check it against a trust store that was previously specified by the user. Having this feature should help in determining whether or not communicating with servers that use self-signed certificates is safe. Many DOD environments do not use public trust authorities.

Describe the solution you'd like It looks like this is available in chromiumembedded/cef but not java-cef. It would be nice for that to be exposed in jcef so that we can grab the x509 cert. This information should be exposed on CefRequestHandler::onCertificateError.

Describe alternatives you've considered In the mean time I'm opening a separate HTTPSUrlConnection to establish the connection by specifying a socket factory, and inferring that the trust succeeds/fails based on whether the connection is successful from using that socket factory. I need to avoid static setters like SSLContext.setDefault and HttpsUrlConnection.setDefaultSslSocketFactory since in my case I'm running in a plugin environment, and would not want to overwrite global values across all plugins in the app.