Home > Software design >  How can I use an HTTPS client certificate protected api with Firefox
How can I use an HTTPS client certificate protected api with Firefox

Time:11-03

I have protected my staging environment with an HTTPS client certificate. The site consists of multiple subdomains rest.site.com, files.site.com, site.com, etc.
Everyone has the same certificate.
The problem is that firefox doesn't send a client certificate with cors preflight requests. Which means those request will inevitably always fail and so firefox refuses to access the api at all.
So is there a way to force firefox to send the certificate with the preflight request?

CodePudding user response:

  1. type into the url bar about:config
  2. find network.cors_preflight.allow_client_cert
  3. set to true

client certs will now be sent with preflight requests

  • Related