Browser based client certificate creation
This repository contains an implementation to create a client certificate key store in a modern Web browser.
The implementation uses the excellent node-forge library.
Bootstrap 5 is used for styling the user interface.
This is meant as a replacement for the
<keygen> tag that has been removed from browsers.
The following steps have been implemented:
- choose a common name for the subject of the certificate signing request
- generate an RSA key pair with a selectable size
- generate a certificate signing request (PKCS#10 CSR)
- paste the certificate signed by the certificate authority
- build a PKCS#12 (also known as .p12 or .pfx) key store file with a password chosen by the user. That file contains the generated key pair, the client certificate, and the CA certificate chain
The implementation contains the CAcert CA certificates for CA chain building.
sudo apt install git npm
Clone the repository
git clone https://code.cacert.org/cacert/browser-csr-generation.git
Get dependencies and build assets
cd browser-csr-generation npm install --no-save --user gulp-cli npm install npm run build
public/index.htmlin a Web browser
npm run watch
to continuously update the