Microsoft Corporation
Automatic generation of app-specific client certification

Abstract:

Techniques for automatic generation of app-specific client certification are disclosed herein. In one embodiment, a method includes receiving, at a web server in a packaged application containing a co-packaged web client, a connection request from a web client and a first copy of a client certificate from the web client. Upon receiving the client certificate, the web server can authenticate the connection request from the web client using a second copy of a client certificate previously generated by the web server for the co-packaged web client. In response to successfully authenticating, based on both the first and second copies of the client certificate, the web server can establish a secure connection with the web client to allow the web client access to system level services on the computing device. Otherwise, the web server would refuse connection.