My idea, well summarized, is to upload a file in the browser, where the browser will ask the user to select the certificate and thus the site will return the signed document.
I read in this topic one way to do it with C# and ASP.NET using iTextSharp, which works inside Visual Studio in debug, but when I put it on the server it does not work. It returns the error below:
Message: The current session is not interactive. | HResult: -2146233079
I understand that it is because, in my code, it tries to open the certificates that are installed locally on the machine, but I would like to use the client certificate that is accessing the site.
I then tried to use it as described below, since my IIS requires an SSL certificate on the connection to be accessed:
// Retrieve the data of the certificate selected by the client during the handshake
var Certificate = Request.ClientCertificate.Certificate;
X509Certificate2 cert = new X509Certificate2(Certificate);
However, when I use the method to sign the document, passing this certificate as a parameter, the error is returned to me:
Message: No private key. | HResult: -2147024809
Which makes sense, since the private key should not be shared on the internet.
Anyway, everything I've read so far indicates that I'll have to have at least one plugin installed on the client's computer to get the private key and make the signature.
Is there an alternative? What would be the best way to do it?
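
The "No private key" error described in the question can be reproduced without IIS. The following is an added example, not code from the original post: it rebuilds a certificate from the bytes a TLS handshake carries, then shows that this copy cannot sign but can still verify a signature produced where the private key lives. The class name, the subject `CN=Sample Signer` and the document bytes are constructed for illustration, and a .NET console project with C# 8 or later is assumed.

```csharp
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.Text;

static class ClientCertDemo
{
    static void Main()
    {
        // Constructed sample: a self-signed certificate stands in for the user's
        // certificate, whose private key stays in the client's store or token.
        using RSA clientKey = RSA.Create(2048);
        var request = new CertificateRequest("CN=Sample Signer", clientKey,
            HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
        using X509Certificate2 clientCert = request.CreateSelfSigned(
            DateTimeOffset.UtcNow, DateTimeOffset.UtcNow.AddDays(1));

        // Only the DER-encoded certificate (public key included) is sent in the
        // handshake; Request.ClientCertificate.Certificate holds bytes of this kind.
        byte[] sentInHandshake = clientCert.Export(X509ContentType.Cert);
        using var serverView = new X509Certificate2(sentInHandshake);

        Console.WriteLine($"Client copy has private key: {clientCert.HasPrivateKey}");
        Console.WriteLine($"Server copy has private key: {serverView.HasPrivateKey}");

        // Server side: GetRSAPrivateKey() returns null for a public-only
        // certificate, which is why a signing call on it fails.
        bool serverCanSign = serverView.GetRSAPrivateKey() != null;
        Console.WriteLine($"Server can sign: {serverCanSign}");

        // Client side: the signature is produced where the private key is.
        byte[] document = Encoding.UTF8.GetBytes("constructed sample document bytes");
        using RSA clientPrivate = clientCert.GetRSAPrivateKey();
        byte[] signature = clientPrivate.SignData(
            document, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);

        // Server side: the public key from the handshake certificate is enough
        // to check that signature, and to detect a modified document.
        using RSA serverPublic = serverView.GetRSAPublicKey();
        Console.WriteLine("Server verifies client signature: " + serverPublic.VerifyData(
            document, signature, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1));

        document[0] ^= 0xFF; // simulate tampering after signing
        Console.WriteLine("Server verifies tampered document: " + serverPublic.VerifyData(
            document, signature, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1));
    }
}
```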