You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

2.1 KiB

Browser PKCS#10 CSR generation PoC

This repository contains a small proof of concept implementation of browser based PKCS#10 certificate signing request and PKCS#12 key store generation using node-forge.

The backend is implemented in Go and utilizes openssl for the signing operations.


  1. Clone the repository

    git clone
  2. Get dependencies and build assets

    cd browser_csr_generation
    npm install --global gulp-cli
    npm install
  3. Setup the example CA and a server certificate and key

    openssl req -new -x509 -days 365 -subj "/CN=localhost" -addext subjectAltName=DNS:localhost -newkey rsa:3072 \
      -nodes -out server.crt.pem -keyout server.key.pem
  4. Run the Go based backend

    go run main.go

    Open https://localhost:8000/ in your browser.

  5. Run gulp watch

    You can run a gulp watch in a second terminal window to automatically publish changes to the files in the src directory:

    gulp watch


This PoC uses go-i18n for internationalization (i18n) support.

The translation workflow needs the go18n binary which can be installed via

go get -u

To extract new messages from the code run

goi18n extract

Then use

goi18n merge active.*.toml

to create TOML files for translation as translate.<locale>.toml. After translating the messages run

goi18n merge active.*.toml translate.*.toml

to merge the messages back into the active translation files. To add a new language you need to add the language code to main.go's i18n bundle loading code

for _, lang := range []string{"en-US", "de-DE"} {
    if _, err := bundle.LoadMessageFile(fmt.Sprintf("active.%s.toml", lang)); err != nil {