Hacker News new | past | comments | ask | show | jobs | submit login
Show HN: Certainty-JS: Automated CACert.pem Management for Node.js Software (github.com/paragonie)
3 points by CiPHPerCoder on Oct 1, 2019 | hide | past | favorite | 1 comment



Hi HN,

A couple years ago I started developing an open source PHP library called Certainty. You can read about it here: https://paragonie.com/blog/2017/10/certainty-automated-cacer...

Essentially, I wanted to ensure that server-to-server HTTP requests use TLS securely in open source projects, but unfortunately a lot of code disabled TLS verification in PHP software.

Including eCommerce plugins.

Including eCommerce plugins that connect to Authorize.net payment gateways.

grimace

However, no equivalent JavaScript solution exists for solving this problem.

I was concerned that a lot of the developers who used to write vulnerable PHP code might also be working in the Electron/Cordova/etc. ecosystem today, and if they retained any of their bad habits from their PHP + ext/curl days, their products would be at risk.

So I decided to port this library to Node.js. Let me know what you think.




Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: