Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Get certificate from running instance of Internet Explorer

41 views
Skip to first unread message

Bernd Christiansen

unread,
Oct 30, 2004, 8:19:14 PM10/30/04
to
Hello:

Is there a way to get the certificate of a seucre web page that is
currently being displayed by a running instance of Internet Explorer?

When displaying a secure web page, Internet explorer shows a small
yellow padlock in the bottom right corner. When hovering over the
padlock it says something like "SSL Secured (128 Bit)". When
double-clicking it, Internet Explorer opens a new window that displays
detailed information on the server's certificate (e.g., Issuer, Valid
From-To, Subject, Public Key, etc.). That's the information I'm
trying to get from a running instance from Internet Explorer!

While there are lots of postings that explain how to connect to a
running instance of Internet Explorer, I couldn't find any information
on how to get information on the certificate of the web page that is
currently being displayed.

Any ideas anybody?

Thanks you very much,


-Bernd

Igor Tandetnik

unread,
Nov 1, 2004, 11:15:43 AM11/1/04
to
"Bernd Christiansen" <bernd.chr...@gmail.com> wrote in message
news:310f10fd.04103...@posting.google.com

> Is there a way to get the certificate of a seucre web page that is
> currently being displayed by a running instance of Internet Explorer?
>
> When displaying a secure web page, Internet explorer shows a small
> yellow padlock in the bottom right corner. When hovering over the
> padlock it says something like "SSL Secured (128 Bit)". When
> double-clicking it, Internet Explorer opens a new window that displays
> detailed information on the server's certificate (e.g., Issuer, Valid
> From-To, Subject, Public Key, etc.). That's the information I'm
> trying to get from a running instance from Internet Explorer!

There is an undocumented function InternetGetCertByURL exported from
WinInet.dll. I don't know what parameters it takes - I'll look it up and
tell you tomorrow. Also, I strongly suspect it will only work from
inside the process that actually navigated to that URL - in your case,
IE's process.

To display that certificate dialog box, MSHTML uses another undocumented
export - InternetShowSecurityInfoByURL. See

http://groups.google.com/groups?threadm=3FAAD2A0.1069%40hotmail.com

Finally, you can handle SetSecureLockIcon event to get just enough
information to display "SSL Secured (128 Bit)".
--
With best wishes,
Igor Tandetnik

"On two occasions, I have been asked [by members of Parliament], 'Pray,
Mr. Babbage, if you put into the machine wrong figures, will the right
answers come out?' I am not able to rightly apprehend the kind of
confusion of ideas that could provoke such a question." -- Charles
Babbage


Igor Tandetnik

unread,
Nov 2, 2004, 9:36:32 AM11/2/04
to
"Igor Tandetnik" <itand...@mvps.org> wrote in message
news:OL7E83C...@TK2MSFTNGP11.phx.gbl

> There is an undocumented function InternetGetCertByURL exported from
> WinInet.dll. I don't know what parameters it takes - I'll look it up
> and tell you tomorrow.

INTERNETAPI_(BOOL) InternetGetCertByURL(LPCWSTR lpszURL,
LPWSTR lpszCertText,
DWORD dwcbCertText);

INTERNETAPI_(BOOL) InternetGetCertByURLA(LPCSTR lpszURL,
LPSTR lpszCertText,
DWORD dwcbCertText);

Returns the certificate as a string in the same format as
InternetQueryOption(INTERNET_OPTION_SECURITY_CERTIFICATE). Not
particularly exciting - I bet you'd prefer PCERT_CONTEXT. I don't see
any way to get to this, though WinInet clearly has it somewhere inside.

0 new messages