community-website/clientcert/README.md
2024-05-20 17:01:17 +02:00

51 lines
1.5 KiB
Markdown

# Browser based client certificate creation
This repository contains an implementation to create a client certificate key store in a modern Web browser.
The implementation uses the excellent [node-forge](https://github.com/digitalbazaar/forge) library.
[Bootstrap 5](https://getbootstrap.com/docs/5.2/) is used for styling the user interface.
This is meant as a replacement for the `<keygen>` tag that has been removed from browsers.
The following steps have been implemented:
- choose a common name for the subject of the certificate signing request
- generate an RSA key pair with a selectable size
- generate a certificate signing request (PKCS#10 CSR)
- paste the certificate signed by the certificate authority
- build a PKCS#12 (also known as .p12 or .pfx) key store file with a password chosen by the user. That file contains the
generated key pair, the client certificate, and the CA certificate chain
The implementation contains the [CAcert CA certificates](https://secure.cacert.org/index.php?id=3) for CA chain
building.
## Running
1. Install dependencies
```shell
sudo apt install git npm
```
2. Clone the repository
```shell
git clone https://code.cacert.org/cacert/browser-csr-generation.git
```
3. Get dependencies and build assets
```shell
cd browser-csr-generation
npm install --no-save --user gulp-cli
npm install
npm run build
```
4. Open `public/index.html` in a Web browser
5. Run
```
npm run watch
```
to continuously update the `public/index.html` when changing `src/index.html`