/plushcap/analysis/cloudflare/how-we-built-origin-ca-web-crypto

How we built Origin CA: Web Crypto

What's this blog post about?

Cloudflare introduced Origin CA, a service that allows users to get certificates directly from them without needing to go through third-party certificate authorities. The private key is generated client-side in the browser using W3C's Web Crypto API and only the public key is sent to Cloudflare servers for security purposes. This feature not only ensures privacy but also provides a simpler, more convenient way of getting certificates without requiring command-line operations. The Origin CA dashboard uses WebCrypto for generating keys and PKI.js for creating CSRs.

Company
Cloudflare

Date published
May 10, 2016

Author(s)
Nick Sullivan

Word count
910

Hacker News points
None found.

Language
English


By Matt Makai. 2021-2024.