How we built Origin CA: Web Crypto
Cloudflare introduced Origin CA, a service that allows users to get certificates directly from them without needing to go through third-party certificate authorities. The private key is generated client-side in the browser using W3C's Web Crypto API and only the public key is sent to Cloudflare servers for security purposes. This feature not only ensures privacy but also provides a simpler, more convenient way of getting certificates without requiring command-line operations. The Origin CA dashboard uses WebCrypto for generating keys and PKI.js for creating CSRs.
Company
Cloudflare
Date published
May 10, 2016
Author(s)
Nick Sullivan
Word count
910
Language
English
Hacker News points
18