Can an Origin cert be used for code signing

I want to know if I can use a Cloudflare Origin certificate for code signing.
I’ve looked and I can’t find an answer. Can anyone point me to some documentation, or inform me from their experience?

I’m going to assume no - but also, why would you want to use it for code-signing?

It’d be exactly the same as you signing your code with any other self-signed certificate.

2 Likes

You can inspect your Origin certificate to determine the allowed extensions:

openssl x509 -noout -text  -in origin.pem
<snip>
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage:
                TLS Web Client Authentication, TLS Web Server Authentication

Code signing is not there, so no.

And I agree with @KianNH, why in the world would you want to do this.

1 Like

@KianNH Thanks for pointing out the massive flaw in my half baked idea so gently.
In response to why - to save money and ease MDM.

@MidGe Thanks - have not implemented the certificate yet so could not inspect myself.

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.