This project is not maintained anymore. You can still view and search the archives.

How we built Origin CA: Web Crypto

Hi, I’m Anselm Hannemann, a freelance Frontend Developer and Engineering Manager. You can hire me. I wrote WDRL for 10 years and have a a Market Garden as a side-business.

This link appeared in WDRL 137 on 13.05.2016.

How we built Origin CA: Web Crypto

GlobalSign has created a client-side PKI implementation to make certificates more secure. The open-source JavaScript library pkijs implements the formats that are used in PKI applications like signing, encryption, certificate requests, OCSP and TSP requests/responses. It is built on WebCrypto (Web Cryptography API) and requires no plug-ins. And now, CloudFlare has built “Origin CA” with it to make it easier to secure the connection between CloudFlare and the origin server.