To authenticate a user using the digital certificate, and to obtain this certificate in the backend it is necessary to enable the "SSL / TSL Handshake" option on the web server with the option to export the certificate as environment variable - allowing access, after being authorized and selected, by the language behind the web application .
However, only certificates that are in the property " CA bundle " are allowed and listed at the prompt. The CA bundle defines the certificate chain that is trusted for authentication to this site.
In the case of e-CPF and e-CNPJ, which are digital certificates signed by the certification chain of ICP-Brasil a>.
I have used a script to download and generate the bundle with all the certificates publicly available on the official website, for those who are interested the script is as follows , but I did not succeed in implementing the generated file in my webserver because the order generated by this script is random.
As this script lowers all certificates, it is still allowing the inclusion of NF-e and OAB type certificates, which is not the focus.
The expected result looks something like this:
Tryingonallthecombinationswouldnotbeanoptionatthemomentbecausetherearemorethan133certificatesfromthemaindirectory(availablehereforthosewhoneedtodownload: link ).