Hi, i want to make client-based authentication and other uses such as digital signing
by using trusted certificates (p12 or pfx certificates installed in the device). I'm using jquery based app (not ionic).
I would like to know the correct approach to get the user certificate to allow access to the user and to use the public and/or the private key of the certificate. Is there some plugin or i need to code it?
Thank you in advance and happy 2019.
Hello Fernando,
Those solutions with private/public keys are used for server-side authentification, but it is not secure to use it on the mobile device. Any person who has the installed application on his device has direct access to your certificate.
If you need to build such a function in your application you have to run the auth server with these certificates and call it from the mobile app.
Hello Serhii,
I want to use certificate pinnig also to secure the communitacion with my API, but what i means is to use a user certificate installed in the mobile device of each user and not included in the app (different certificates for each user).
In my country (Spain) each person has a digital certificate available with their national ID card, so i want to use these certificates to improve the security in some ways by using the user identification included in the official certificate (added security to the classic user/password identification) and also for signing documents with the private key of the user included in the certificate or to encrypt private information of the user and to allow accesing to this information only to people having the public key of the user to decrypt this information.
I have readed something about KeyStore and use native code, also this links can help me:
https://www.avisi.nl/blog/2015/05/29/...
https://stackoverflow.com/questions/4...
But i don't know if there is a plugin available to make it possible, if i must to create a plugin for this purpose or if i must to execute native code for the android / ios detected device.
Thank you in advance.
Appery.io doesn't have such functionality by default. You can use the custom Cordova plugin like the link above. Unfortunately, any help (and/or debugging) with your custom app code or logic as well as 3rd party Apache Cordova/PhoneGap plugins are not covered by our Support policy (https://docs.appery.io/docs/general-s...).
To get such help, you will need to consider purchasing Advisory Pack: (https://appery.io/services/#Advisory_...)
Thank you. I will make some tests. I'm happy to know your Advisory Pack.