The Story: Harmonic convergence

To create greater convergence, we need more integration.

Emmanuel Macron

At this point, I am a high school graduate, going to a great college and having so many complete stories in hands. The products have now reached an end, no new ideas are coming, so I have to take a new challenge.

The end of Developer Studio series was quite good with the CVP (Code Visual Presentation) Firefox support, the tool that enabled developers to record coding session that lasts more than 10 minutes in a file of few KBytes. The plugin ported coding to browser.

Image for post
Image for post
CVP Plugin

We always converge to where we start from, I remember that my first start was with PKI, and again here we go, a new challenge is set and the ship is ready to sail.

I only struggled at generating the Extended Validation certificate so I wondered how it is created, I started googling, looking for references and articles and all of it converged towards the CA Browser forum guidelines. but in order to have an EV certificate tested, you need to satsify some conditions like having an OCSP server, CRL put in static endpoint, certain X.509 extensions added and making the browser recognize the OID and the signature of the signing CA.

The first thing I did is request an OID (Object Identifier) for Arsslensoft from IANA (Internet Assigned Number Authority), it was a PEN (Private Enterprise Number) [44215], my request was approved and I received it in August.

The second thing is to download Mozilla Firefox and compile its source, and that’s what I did. I used the Pentium 4 computer to build it, it took 2h27min to build.

Now that everything is good, I created the Root CA then the EV CA then the EV SSL, all the steps was written down.

But with what tool? I used my own, It’s Origisign Certification Tool. OrigiSign is a sub-organization of Arsslensoft I established in 2013 to issue certificates for free online. Of course, I shut it off after a while, due to legal issues in my country. [I didn’t get any warning]

The tool was written in C# and it was the full pack of certificate generation, it had the ability to manipulate the ASN.1 and it supported all the standard X.509 specifications. The tool was capable of adding custom extension using visual programming (Drag & Drop). It supported all PKI operations except for validation authority. Then I’ve written my own OCSP server (a simple console application that listens over HTTP to OCSP requests and sends a response). OCT used BouncyCastle and OpenSSL libraries to perform all the PKI related tasks.

Image for post
Image for post
OCT Certificate Signing under my CA (Arsslensoft CA)
Image for post
Image for post
OCSP Server

My copy of Firefox browser as rebranded and the solution was called Phexon.

Image for post
Image for post
Phexon about:home
Phexon recognizing my Websites’ SSL as an EV SSL

After Phexon and the EV SSL achievement, things has changed. The college is different, a new strategy has to be implemented so i had to be away from my lab *_*.

To be continued…

.NET Developer/Junior DevOps/Junior CTO/Experienced C# developer (https://www.linkedin.com/in/arsslen-idadi)

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store