Web-based issuance


#1

Will it be possible to get certificates issued using a web browser if you can’t use the client (e.g. the server you need to configure is on shared hosting), or for example you only have access to shared PCs and can’t run the client?


Shared hosting: Use Let's Encrypt without SSH access
#2

A lot of us believe this would be a cool thing for someone to put together: a Javascript client using WebCrypto. We have the framework for this as a Node.JS test tool in the Boulder CA source code.

As of now I’m unaware of any in-browser ACME clients, but I hope that changes!


#3

I am working on a web front-end to the client which will be hosted at approach.im and freely available for install on your own servers. I will make a posting here when it is ready


#4

another Idea would be an approach where you do the keys and singning youself with some simple software, there should be enough out for that

and to login you have to sign a string using the key and send the signed thing back via a simple web form then you send them a signed CSR (via simple web form), and if the domain wasnt validated yet you complete the challenges and tell them you have finished and then (if the verification is successful) you get a link to your cert which doesnt need to be hidden because it’s available in the open from the start