
Show HN: Certainty-JS: Automated CACert.pem Management for Node.js Software - CiPHPerCoder
https://github.com/paragonie/certainty-js
======
CiPHPerCoder
Hi HN,

A couple years ago I started developing an open source PHP library called
Certainty. You can read about it here:
[https://paragonie.com/blog/2017/10/certainty-automated-
cacer...](https://paragonie.com/blog/2017/10/certainty-automated-cacert-pem-
management-for-php-software)

Essentially, I wanted to ensure that server-to-server HTTP requests use TLS
securely in open source projects, but unfortunately a lot of code disabled TLS
verification in PHP software.

Including eCommerce plugins.

Including eCommerce plugins that connect to Authorize.net payment gateways.

grimace

However, no equivalent JavaScript solution exists for solving this problem.

I was concerned that a lot of the developers who used to write vulnerable PHP
code might also be working in the Electron/Cordova/etc. ecosystem today, and
if they retained any of their bad habits from their PHP + ext/curl days, their
products would be at risk.

So I decided to port this library to Node.js. Let me know what you think.

