Jan Dittberner
2ad9cbaabe
git-subtree-dir: clientcert git-subtree-mainline: |
||
---|---|---|
.. | ||
src | ||
.gitignore | ||
COPYING | ||
gulpfile.js | ||
package-lock.json | ||
package.json | ||
README.md |
Browser based client certificate creation
This repository contains an implementation to create a client certificate key store in a modern Web browser.
The implementation uses the excellent node-forge library.
Bootstrap 5 is used for styling the user interface.
This is meant as a replacement for the <keygen>
tag that has been removed from browsers.
The following steps have been implemented:
- choose a common name for the subject of the certificate signing request
- generate an RSA key pair with a selectable size
- generate a certificate signing request (PKCS#10 CSR)
- paste the certificate signed by the certificate authority
- build a PKCS#12 (also known as .p12 or .pfx) key store file with a password chosen by the user. That file contains the generated key pair, the client certificate, and the CA certificate chain
The implementation contains the CAcert CA certificates for CA chain building.
Running
-
Install dependencies
sudo apt install git npm
-
Clone the repository
git clone https://code.cacert.org/cacert/browser-csr-generation.git
-
Get dependencies and build assets
cd browser-csr-generation npm install --no-save --user gulp-cli npm install npm run build
-
Open
public/index.html
in a Web browser -
Run
npm run watch
to continuously update the
public/index.html
when changingsrc/index.html