From 941b1b0c44b1705a919002b7542c17e298fd1df8 Mon Sep 17 00:00:00 2001
From: Guillaume Belanger <guillaume.belanger@canonical.com>
Date: Fri, 14 Jun 2024 15:02:46 -0400
Subject: [PATCH 1/7] chore: use skopeo from rockcraft (#25)

---
 .github/workflows/build-rock.yaml   | 10 +++++-----
 .github/workflows/publish-rock.yaml |  7 ++++---
 .github/workflows/scan-rock.yaml    |  6 +++---
 CONTRIBUTING.md                     |  2 +-
 4 files changed, 13 insertions(+), 12 deletions(-)

diff --git a/.github/workflows/build-rock.yaml b/.github/workflows/build-rock.yaml
index 6f2148f..1e3d0ba 100644
--- a/.github/workflows/build-rock.yaml
+++ b/.github/workflows/build-rock.yaml
@@ -11,13 +11,13 @@ jobs:
         uses: actions/checkout@v4
       - uses: canonical/craft-actions/rockcraft-pack@main
         id: rockcraft
-      
-      - name: Install Skopeo
-        run: |
-          sudo snap install skopeo --edge --devmode
+        with:
+          rockcraft-channel: edge
+  
       - name: Import the image to Docker registry
         run: |
-          sudo skopeo --insecure-policy copy oci-archive:${{ steps.rockcraft.outputs.rock }} docker-daemon:gocert:latest
+          sudo rockcraft.skopeo --insecure-policy copy oci-archive:${{ steps.rockcraft.outputs.rock }} docker-daemon:gocert:latest
+
       - name: Create files required by GoCert
         run: |
           printf 'key_path:  "/etc/config/key.pem"\ncert_path: "/etc/config/cert.pem"\ndb_path: "/etc/config/certs.db"\nport: 3000\npebble_notifications: true\n' > config.yaml
diff --git a/.github/workflows/publish-rock.yaml b/.github/workflows/publish-rock.yaml
index c0820eb..e7c3c6d 100644
--- a/.github/workflows/publish-rock.yaml
+++ b/.github/workflows/publish-rock.yaml
@@ -17,9 +17,10 @@ jobs:
           username: ${{ github.actor }}
           password: ${{ secrets.GITHUB_TOKEN }}
 
-      - name: Install skopeo
+      - name: Install rockcraft
         run: |
-          sudo snap install --devmode --channel edge skopeo
+          sudo snap install rockcraft --classic --channel edge
+        
       - uses: actions/download-artifact@v4
         with:
           name: rock
@@ -29,7 +30,7 @@ jobs:
           image_name="$(yq '.name' rockcraft.yaml)"
           version="$(yq '.version' rockcraft.yaml)"
           rock_file=$(ls *.rock | tail -n 1)
-          sudo skopeo \
+          sudo rockcraft.skopeo \
             --insecure-policy \
             copy \
             oci-archive:"${rock_file}" \
diff --git a/.github/workflows/scan-rock.yaml b/.github/workflows/scan-rock.yaml
index 3cb0efc..2dd7a8c 100644
--- a/.github/workflows/scan-rock.yaml
+++ b/.github/workflows/scan-rock.yaml
@@ -10,9 +10,9 @@ jobs:
       - name: Checkout repository
         uses: actions/checkout@v4
 
-      - name: Install skopeo
+      - name: Install rockcraft
         run: |
-          sudo snap install --devmode --channel edge skopeo
+          sudo snap install rockcraft --classic --channel edge
 
       - name: Install yq
         run: |
@@ -29,7 +29,7 @@ jobs:
           version="$(yq '.version' rockcraft.yaml)"
           echo "version=${version}" >> $GITHUB_ENV
           rock_file=$(ls *.rock | tail -n 1)
-          sudo skopeo \
+          sudo rockcraft.skopeo \
             --insecure-policy \
             copy \
             oci-archive:"${rock_file}" \
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
index e5e098d..e534ccf 100644
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -40,6 +40,6 @@ npm run lint
 ```bash
 rockcraft pack -v
 version=$(yq '.version' rockcraft.yaml)
-sudo skopeo --insecure-policy copy oci-archive:gocert_${version}_amd64.rock docker-daemon:gocert:${version}
+sudo rockcraft.skopeo --insecure-policy copy oci-archive:gocert_${version}_amd64.rock docker-daemon:gocert:${version}
 docker run gocert:${version}
 ```

From 160db0dae663245b654c9d5f60c7fea14c4ebdf4 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Fri, 14 Jun 2024 19:08:36 +0000
Subject: [PATCH 2/7] chore: bump braces from 3.0.2 to 3.0.3 in /ui (#26)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 ui/package-lock.json | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/ui/package-lock.json b/ui/package-lock.json
index a378531..e2c8cf9 100644
--- a/ui/package-lock.json
+++ b/ui/package-lock.json
@@ -2064,11 +2064,11 @@
       }
     },
     "node_modules/braces": {
-      "version": "3.0.2",
-      "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.2.tgz",
-      "integrity": "sha512-b8um+L1RzM3WDSzvhm6gIz1yfTbBt6YTlcEKAvsmqCZZFw46z626lVj9j1yEPW33H5H+lBQpZMP1k8l+78Ha0A==",
+      "version": "3.0.3",
+      "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.3.tgz",
+      "integrity": "sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==",
       "dependencies": {
-        "fill-range": "^7.0.1"
+        "fill-range": "^7.1.1"
       },
       "engines": {
         "node": ">=8"
@@ -3309,9 +3309,9 @@
       }
     },
     "node_modules/fill-range": {
-      "version": "7.0.1",
-      "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.0.1.tgz",
-      "integrity": "sha512-qOo9F+dMUmC2Lcb4BbVvnKJxTPjCm+RRpe4gDuGrzkL7mEVl/djYSu2OdQ2Pa302N4oqkSg9ir6jaLWJ2USVpQ==",
+      "version": "7.1.1",
+      "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.1.1.tgz",
+      "integrity": "sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg==",
       "dependencies": {
         "to-regex-range": "^5.0.1"
       },

From e6db72b4e3364a1506ef15896b47823eaf35282f Mon Sep 17 00:00:00 2001
From: Guillaume Belanger <guillaume.belanger@canonical.com>
Date: Fri, 14 Jun 2024 15:30:33 -0400
Subject: [PATCH 3/7] fix: add key missing in config validation (#24)

---
 cmd/gocert/main.go             |  10 ++-
 cmd/gocert/main_test.go        |   2 +-
 internal/api/server.go         |  69 ++-----------------
 internal/api/server_test.go    |  53 ++------------
 internal/config/config.go      |  73 ++++++++++++++++++++
 internal/config/config_test.go | 122 +++++++++++++++++++++++++++++++++
 6 files changed, 213 insertions(+), 116 deletions(-)
 create mode 100644 internal/config/config.go
 create mode 100644 internal/config/config_test.go

diff --git a/cmd/gocert/main.go b/cmd/gocert/main.go
index 5c43364..115b665 100644
--- a/cmd/gocert/main.go
+++ b/cmd/gocert/main.go
@@ -6,17 +6,21 @@ import (
 	"os"
 
 	server "github.com/canonical/gocert/internal/api"
+	"github.com/canonical/gocert/internal/config"
 )
 
 func main() {
 	log.SetOutput(os.Stderr)
 	configFilePtr := flag.String("config", "", "The config file to be provided to the server")
 	flag.Parse()
-
 	if *configFilePtr == "" {
-		log.Fatalf("Providing a valid config file is required.")
+		log.Fatalf("Providing a config file is required.")
+	}
+	conf, err := config.Validate(*configFilePtr)
+	if err != nil {
+		log.Fatalf("Couldn't validate config file: %s", err)
 	}
-	srv, err := server.NewServer(*configFilePtr)
+	srv, err := server.NewServer(conf.Port, conf.Cert, conf.Key, conf.DBPath, conf.PebbleNotificationsEnabled)
 	if err != nil {
 		log.Fatalf("Couldn't create server: %s", err)
 	}
diff --git a/cmd/gocert/main_test.go b/cmd/gocert/main_test.go
index 58d37d7..3b62a2e 100644
--- a/cmd/gocert/main_test.go
+++ b/cmd/gocert/main_test.go
@@ -140,7 +140,7 @@ func TestGoCertFail(t *testing.T) {
 		ConfigYAML     string
 		ExpectedOutput string
 	}{
-		{"flags not set", []string{}, validConfig, "Providing a valid config file is required."},
+		{"flags not set", []string{}, validConfig, "Providing a config file is required."},
 		{"config file not valid", []string{"-config", "config.yaml"}, invalidConfig, "config file validation failed:"},
 		{"database not connectable", []string{"-config", "config.yaml"}, invalidDBConfig, "Couldn't connect to database:"},
 	}
diff --git a/internal/api/server.go b/internal/api/server.go
index 5910d76..ee2ca8b 100644
--- a/internal/api/server.go
+++ b/internal/api/server.go
@@ -7,72 +7,17 @@ import (
 	"fmt"
 	"log"
 	"net/http"
-	"os"
 	"os/exec"
 	"time"
 
 	"github.com/canonical/gocert/internal/certdb"
-	"gopkg.in/yaml.v3"
 )
 
-type ConfigYAML struct {
-	KeyPath                    string `yaml:"key_path"`
-	CertPath                   string `yaml:"cert_path"`
-	DBPath                     string `yaml:"db_path"`
-	Port                       int    `yaml:"port"`
-	Pebblenotificationsenabled bool   `yaml:"pebble_notifications"`
-}
-
-type Config struct {
-	Key                        []byte
-	Cert                       []byte
-	DBPath                     string
-	Port                       int
-	PebbleNotificationsEnabled bool
-}
-
 type Environment struct {
 	DB                      *certdb.CertificateRequestsRepository
 	SendPebbleNotifications bool
 }
 
-// validateConfigFile opens and processes the given yaml file, and catches errors in the process
-func validateConfigFile(filePath string) (Config, error) {
-	validationErr := errors.New("config file validation failed: ")
-	config := Config{}
-	configYaml, err := os.ReadFile(filePath)
-	if err != nil {
-		return config, errors.Join(validationErr, err)
-	}
-	c := ConfigYAML{}
-	if err := yaml.Unmarshal(configYaml, &c); err != nil {
-		return config, errors.Join(validationErr, err)
-	}
-	cert, err := os.ReadFile(c.CertPath)
-	if err != nil {
-		return config, errors.Join(validationErr, err)
-	}
-	key, err := os.ReadFile(c.KeyPath)
-	if err != nil {
-		return config, errors.Join(validationErr, err)
-	}
-	dbfile, err := os.OpenFile(c.DBPath, os.O_CREATE|os.O_RDONLY, 0644)
-	if err != nil {
-		return config, errors.Join(validationErr, err)
-	}
-	err = dbfile.Close()
-	if err != nil {
-		return config, errors.Join(validationErr, err)
-	}
-
-	config.Cert = cert
-	config.Key = key
-	config.DBPath = c.DBPath
-	config.Port = c.Port
-	config.PebbleNotificationsEnabled = c.Pebblenotificationsenabled
-	return config, nil
-}
-
 func SendPebbleNotification(key, request_id string) error {
 	cmd := exec.Command("pebble", "notify", key, fmt.Sprintf("request_id=%s", request_id))
 	if err := cmd.Run(); err != nil {
@@ -82,27 +27,23 @@ func SendPebbleNotification(key, request_id string) error {
 }
 
 // NewServer creates an environment and an http server with handlers that Go can start listening to
-func NewServer(configFile string) (*http.Server, error) {
-	config, err := validateConfigFile(configFile)
-	if err != nil {
-		return nil, err
-	}
-	serverCerts, err := tls.X509KeyPair(config.Cert, config.Key)
+func NewServer(port int, cert []byte, key []byte, dbPath string, pebbleNotificationsEnabled bool) (*http.Server, error) {
+	serverCerts, err := tls.X509KeyPair(cert, key)
 	if err != nil {
 		return nil, err
 	}
-	db, err := certdb.NewCertificateRequestsRepository(config.DBPath, "CertificateRequests")
+	db, err := certdb.NewCertificateRequestsRepository(dbPath, "CertificateRequests")
 	if err != nil {
 		log.Fatalf("Couldn't connect to database: %s", err)
 	}
 
 	env := &Environment{}
 	env.DB = db
-	env.SendPebbleNotifications = config.PebbleNotificationsEnabled
+	env.SendPebbleNotifications = pebbleNotificationsEnabled
 	router := NewGoCertRouter(env)
 
 	s := &http.Server{
-		Addr: fmt.Sprintf(":%d", config.Port),
+		Addr: fmt.Sprintf(":%d", port),
 
 		ReadTimeout:    10 * time.Second,
 		WriteTimeout:   10 * time.Second,
diff --git a/internal/api/server_test.go b/internal/api/server_test.go
index 8a6caea..535ac71 100644
--- a/internal/api/server_test.go
+++ b/internal/api/server_test.go
@@ -85,24 +85,6 @@ Q53tuiWQeoxNOjHiWstBPELxGbW6447JyVVbNYGUk+VFU7okzA6sRTJ/5Ysda4Sf
 auNQc2hruhr/2plhFUYoZHPzGz7d5zUGKymhCoS8BsFVtD0WDL4srdtY/W2Us7TD
 D7DC34n8CH9+avz9sCRwxpjxKnYW/BeyK0c4n9uZpjI8N4sOVqy6yWBUseww
 -----END RSA PRIVATE KEY-----`
-	validConfig = `key_path:  "./key_test.pem"
-cert_path: "./cert_test.pem"
-db_path: "./certs.db"
-port: 8000`
-	wrongCertConfig = `key_path:  "./key_test.pem"
-cert_path: "./cert_test_wrong.pem"
-db_path: "./certs.db"
-port: 8000`
-	wrongKeyConfig = `key_path:  "./key_test_wrong.pem"
-cert_path: "./cert_test.pem"
-db_path: "./certs.db"
-port: 8000`
-	invalidYAMLConfig = `wrong: fields
-every: where`
-	invalidFileConfig = `key_path:  "./nokeyfile.pem"
-cert_path: "./nocertfile.pem"
-db_path: "./certs.db"
-port: 8000`
 )
 
 func TestMain(m *testing.M) {
@@ -131,11 +113,7 @@ func TestMain(m *testing.M) {
 }
 
 func TestNewServerSuccess(t *testing.T) {
-	writeConfigErr := os.WriteFile("config.yaml", []byte(validConfig), 0644)
-	if writeConfigErr != nil {
-		log.Fatalf("Error writing config file")
-	}
-	s, err := server.NewServer("config.yaml")
+	s, err := server.NewServer(8000, []byte(validCert), []byte(validPK), "certs.db", false)
 	if err != nil {
 		t.Errorf("Error occured: %s", err)
 	}
@@ -144,30 +122,9 @@ func TestNewServerSuccess(t *testing.T) {
 	}
 }
 
-func TestNewServerFail(t *testing.T) {
-	testCases := []struct {
-		desc   string
-		config string
-	}{
-		{
-			desc:   "wrong certificate",
-			config: wrongCertConfig,
-		},
-		{
-			desc:   "wrong key",
-			config: wrongKeyConfig,
-		},
-	}
-	for _, tC := range testCases {
-		writeConfigErr := os.WriteFile("config.yaml", []byte(tC.config), 0644)
-		if writeConfigErr != nil {
-			log.Fatalf("Error writing config file")
-		}
-		t.Run(tC.desc, func(t *testing.T) {
-			_, err := server.NewServer("config.yaml")
-			if err == nil {
-				t.Errorf("Expected error")
-			}
-		})
+func TestInvalidKeyFailure(t *testing.T) {
+	_, err := server.NewServer(8000, []byte(validCert), []byte{}, "certs.db", false)
+	if err == nil {
+		t.Errorf("No error was thrown for invalid key")
 	}
 }
diff --git a/internal/config/config.go b/internal/config/config.go
new file mode 100644
index 0000000..0adc8a0
--- /dev/null
+++ b/internal/config/config.go
@@ -0,0 +1,73 @@
+package config
+
+import (
+	"errors"
+	"os"
+
+	"gopkg.in/yaml.v3"
+)
+
+type ConfigYAML struct {
+	KeyPath                    string `yaml:"key_path"`
+	CertPath                   string `yaml:"cert_path"`
+	DBPath                     string `yaml:"db_path"`
+	Port                       int    `yaml:"port"`
+	Pebblenotificationsenabled bool   `yaml:"pebble_notifications"`
+}
+
+type Config struct {
+	Key                        []byte
+	Cert                       []byte
+	DBPath                     string
+	Port                       int
+	PebbleNotificationsEnabled bool
+}
+
+// Validate opens and processes the given yaml file, and catches errors in the process
+func Validate(filePath string) (Config, error) {
+	validationErr := errors.New("config file validation failed: ")
+	config := Config{}
+	configYaml, err := os.ReadFile(filePath)
+	if err != nil {
+		return config, errors.Join(validationErr, err)
+	}
+	c := ConfigYAML{}
+	if err := yaml.Unmarshal(configYaml, &c); err != nil {
+		return config, errors.Join(validationErr, err)
+	}
+	if c.CertPath == "" {
+		return config, errors.Join(validationErr, errors.New("`cert_path` is empty"))
+	}
+	cert, err := os.ReadFile(c.CertPath)
+	if err != nil {
+		return config, errors.Join(validationErr, err)
+	}
+	if c.KeyPath == "" {
+		return config, errors.Join(validationErr, errors.New("`key_path` is empty"))
+	}
+	key, err := os.ReadFile(c.KeyPath)
+	if err != nil {
+		return config, errors.Join(validationErr, err)
+	}
+	if c.DBPath == "" {
+		return config, errors.Join(validationErr, errors.New("`db_path` is empty"))
+	}
+	dbfile, err := os.OpenFile(c.DBPath, os.O_CREATE|os.O_RDONLY, 0644)
+	if err != nil {
+		return config, errors.Join(validationErr, err)
+	}
+	err = dbfile.Close()
+	if err != nil {
+		return config, errors.Join(validationErr, err)
+	}
+	if c.Port == 0 {
+		return config, errors.Join(validationErr, errors.New("`port` is empty"))
+	}
+
+	config.Cert = cert
+	config.Key = key
+	config.DBPath = c.DBPath
+	config.Port = c.Port
+	config.PebbleNotificationsEnabled = c.Pebblenotificationsenabled
+	return config, nil
+}
diff --git a/internal/config/config_test.go b/internal/config/config_test.go
new file mode 100644
index 0000000..0aecd23
--- /dev/null
+++ b/internal/config/config_test.go
@@ -0,0 +1,122 @@
+package config_test
+
+import (
+	"log"
+	"os"
+	"strings"
+	"testing"
+
+	"github.com/canonical/gocert/internal/config"
+)
+
+const (
+	validCert   = `Whatever cert content`
+	validPK     = `Whatever key content`
+	validConfig = `key_path:  "./key_test.pem"
+cert_path: "./cert_test.pem"
+db_path: "./certs.db"
+port: 8000`
+	noCertPathConfig = `key_path:  "./key_test.pem"
+db_path: "./certs.db"
+port: 8000`
+	noKeyPathConfig = `cert_path: "./cert_test.pem"
+db_path: "./certs.db"
+port: 8000`
+	noDBPathConfig = `key_path:  "./key_test.pem"
+cert_path: "./cert_test.pem"
+port: 8000`
+	wrongCertPathConfig = `key_path:  "./key_test.pem"
+cert_path: "./cert_test_wrong.pem"
+db_path: "./certs.db"
+port: 8000`
+	wrongKeyPathConfig = `key_path:  "./key_test_wrong.pem"
+cert_path: "./cert_test.pem"
+db_path: "./certs.db"
+port: 8000`
+	invalidYAMLConfig = `just_an=invalid
+yaml.here`
+)
+
+func TestMain(m *testing.M) {
+	testfolder, err := os.MkdirTemp("./", "configtest-")
+	if err != nil {
+		log.Fatalf("couldn't create temp directory")
+	}
+	writeCertErr := os.WriteFile(testfolder+"/cert_test.pem", []byte(validCert), 0644)
+	writeKeyErr := os.WriteFile(testfolder+"/key_test.pem", []byte(validPK), 0644)
+	if writeCertErr != nil || writeKeyErr != nil {
+		log.Fatalf("couldn't create temp testing file")
+	}
+	if err := os.Chdir(testfolder); err != nil {
+		log.Fatalf("couldn't enter testing directory")
+	}
+
+	exitval := m.Run()
+
+	if err := os.Chdir("../"); err != nil {
+		log.Fatalf("couldn't change back to parent directory")
+	}
+	if err := os.RemoveAll(testfolder); err != nil {
+		log.Fatalf("couldn't remove temp testing directory")
+	}
+	os.Exit(exitval)
+}
+
+func TestGoodConfigSuccess(t *testing.T) {
+	writeConfigErr := os.WriteFile("config.yaml", []byte(validConfig), 0644)
+	if writeConfigErr != nil {
+		t.Fatalf("Error writing config file")
+	}
+	conf, err := config.Validate("config.yaml")
+	if err != nil {
+		t.Fatalf("Error occured: %s", err)
+	}
+
+	if conf.Cert == nil {
+		t.Fatalf("No certificates were configured for server")
+	}
+
+	if conf.Key == nil {
+		t.Fatalf("No key was configured for server")
+	}
+
+	if conf.DBPath == "" {
+		t.Fatalf("No database path was configured for server")
+	}
+
+	if conf.Port != 8000 {
+		t.Fatalf("Port was not configured correctly")
+	}
+
+}
+
+func TestBadConfigFail(t *testing.T) {
+	cases := []struct {
+		Name          string
+		ConfigYAML    string
+		ExpectedError string
+	}{
+		{"no cert path", noCertPathConfig, "`cert_path` is empty"},
+		{"no key path", noKeyPathConfig, "`key_path` is empty"},
+		{"no db path", noDBPathConfig, "`db_path` is empty"},
+		{"wrong cert path", wrongCertPathConfig, "no such file or directory"},
+		{"wrong key path", wrongKeyPathConfig, "no such file or directory"},
+		{"invalid yaml", invalidYAMLConfig, "unmarshal errors"},
+	}
+
+	for _, tc := range cases {
+		writeConfigErr := os.WriteFile("config.yaml", []byte(tc.ConfigYAML), 0644)
+		if writeConfigErr != nil {
+			t.Errorf("Failed writing config file")
+		}
+		_, err := config.Validate("config.yaml")
+		if err == nil {
+			t.Errorf("Expected error, got nil")
+		}
+
+		if !strings.Contains(err.Error(), tc.ExpectedError) {
+			t.Errorf("Expected error not found: %s", err)
+		}
+
+	}
+}

From d6705229bfff406d85ff1a03a4bade0e6ca83adf Mon Sep 17 00:00:00 2001
From: Guillaume Belanger <guillaume.belanger@canonical.com>
Date: Mon, 17 Jun 2024 09:38:35 -0400
Subject: [PATCH 4/7] fix: display accurate status code in logs (#27)

---
 internal/api/middleware.go | 14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)

diff --git a/internal/api/middleware.go b/internal/api/middleware.go
index 8e8e3d1..1a978b0 100644
--- a/internal/api/middleware.go
+++ b/internal/api/middleware.go
@@ -3,6 +3,7 @@ package server
 import (
 	"log"
 	"net/http"
+	"strings"
 
 	"github.com/canonical/gocert/internal/metrics"
 	"github.com/prometheus/client_golang/prometheus/promhttp"
@@ -71,10 +72,15 @@ func metricsMiddleware(ctx *middlewareContext) middleware {
 func loggingMiddleware(ctx *middlewareContext) middleware {
 	return func(next http.Handler) http.Handler {
 		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-			clonedWwriter := newResponseWriter(w)
-			next.ServeHTTP(w, r)
-			log.Println(r.Method, r.URL.Path, clonedWwriter.statusCode, http.StatusText(clonedWwriter.statusCode))
-			ctx.responseStatusCode = clonedWwriter.statusCode
+			clonedWriter := newResponseWriter(w)
+			next.ServeHTTP(clonedWriter, r)
+
+			// Suppress logging for static files
+			if !strings.HasPrefix(r.URL.Path, "/_next") {
+				log.Println(r.Method, r.URL.Path, clonedWriter.statusCode, http.StatusText(clonedWriter.statusCode))
+			}
+
+			ctx.responseStatusCode = clonedWriter.statusCode
 		})
 	}
 }

From 533b78cbf246cd0ff28af219b506cb26a21dbb06 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Wed, 19 Jun 2024 02:46:35 +0000
Subject: [PATCH 5/7] chore: bump ws from 8.17.0 to 8.17.1 in /ui (#28)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 ui/package-lock.json | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/ui/package-lock.json b/ui/package-lock.json
index e2c8cf9..af2fb43 100644
--- a/ui/package-lock.json
+++ b/ui/package-lock.json
@@ -6700,9 +6700,9 @@
       "dev": true
     },
     "node_modules/ws": {
-      "version": "8.17.0",
-      "resolved": "https://registry.npmjs.org/ws/-/ws-8.17.0.tgz",
-      "integrity": "sha512-uJq6108EgZMAl20KagGkzCKfMEjxmKvZHG7Tlq0Z6nOky7YF7aq4mOx6xK8TJ/i1LeK4Qus7INktacctDgY8Ow==",
+      "version": "8.17.1",
+      "resolved": "https://registry.npmjs.org/ws/-/ws-8.17.1.tgz",
+      "integrity": "sha512-6XQFvXTkbfUOZOKKILFG1PDK2NDQs4azKQl26T0YS5CxqWLgXajbPZ+h4gZekJyRqFU8pvnbAbbs/3TgRPy+GQ==",
       "dev": true,
       "engines": {
         "node": ">=10.0.0"

From 604f3cd35a118b6ce7459c943568aa02525ee310 Mon Sep 17 00:00:00 2001
From: Guillaume Belanger <guillaume.belanger@canonical.com>
Date: Wed, 19 Jun 2024 10:45:59 -0400
Subject: [PATCH 6/7] chore: remove .html suffix from url (#29)

---
 internal/api/handlers.go | 14 +++++++++++++-
 ui/src/app/nav.tsx       |  2 +-
 2 files changed, 14 insertions(+), 2 deletions(-)

diff --git a/internal/api/handlers.go b/internal/api/handlers.go
index 965ead5..21368a6 100644
--- a/internal/api/handlers.go
+++ b/internal/api/handlers.go
@@ -50,7 +50,19 @@ func newFrontendFileServer() http.Handler {
 	if err != nil {
 		log.Fatal(err)
 	}
-	return http.FileServer(http.FS(frontendFS))
+
+	fileServer := http.FileServer(http.FS(frontendFS))
+
+	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		path := r.URL.Path
+		if strings.HasSuffix(path, "/") || path == "/" {
+			path = "/certificate_requests.html"
+		} else if !strings.Contains(path, ".") {
+			path += ".html"
+		}
+		r.URL.Path = path
+		fileServer.ServeHTTP(w, r)
+	})
 }
 
 // the health check endpoint simply returns a http.StatusOK
diff --git a/ui/src/app/nav.tsx b/ui/src/app/nav.tsx
index 762a329..d905608 100644
--- a/ui/src/app/nav.tsx
+++ b/ui/src/app/nav.tsx
@@ -81,7 +81,7 @@ export function SideBar({ sidebarVisible, setSidebarVisible }: { sidebarVisible:
                             <nav aria-label="Main">
                                 <ul className="p-side-navigation__list">
                                     <li className="p-side-navigation__item">
-                                        <a className="p-side-navigation__link" href="/certificate_requests.html" aria-current={activeTab === "certificate_requests" ? "page" : "false"} >
+                                        <a className="p-side-navigation__link" href="/certificate_requests" aria-current={activeTab === "certificate_requests" ? "page" : "false"} >
                                             <i className="p-icon--security is-light p-side-navigation__icon"></i>
                                             <span className="p-side-navigation__label">
                                                 <span className="p-side-navigation__label">Certificate Requests</span>

From 84ff6088b664e01e154e24db238eeb97292a6f15 Mon Sep 17 00:00:00 2001
From: Kayra <kayra.gemalmaz@canonical.com>
Date: Thu, 20 Jun 2024 13:18:34 +0300
Subject: [PATCH 7/7] feat: Certificate Requests Table Query (#21)

---
 CONTRIBUTING.md                               |   2 +-
 ui/package-lock.json                          | 179 ++++++++++++++++--
 ui/package.json                               |   2 +
 ui/src/app/certificate_requests/page.test.tsx |   8 -
 ui/src/app/certificate_requests/page.tsx      |  38 +++-
 ui/src/app/certificate_requests/queries.ts    |   9 +
 ui/src/app/certificate_requests/row.test.tsx  |  70 ++++++-
 ui/src/app/certificate_requests/row.tsx       |  48 +++--
 .../app/certificate_requests/table.test.tsx   |  99 ++++++++++
 ui/src/app/certificate_requests/table.tsx     |  57 +++---
 ui/src/app/certificate_requests/types.ts      |   5 +
 ui/src/app/nav.test.tsx                       |   4 +-
 ui/src/app/nav.tsx                            |  62 +++---
 ui/src/app/utils.ts                           | 119 ++++++++++++
 14 files changed, 584 insertions(+), 118 deletions(-)
 delete mode 100644 ui/src/app/certificate_requests/page.test.tsx
 create mode 100644 ui/src/app/certificate_requests/queries.ts
 create mode 100644 ui/src/app/certificate_requests/table.test.tsx
 create mode 100644 ui/src/app/certificate_requests/types.ts
 create mode 100644 ui/src/app/utils.ts

diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
index e534ccf..6ff020a 100644
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -42,4 +42,4 @@ rockcraft pack -v
 version=$(yq '.version' rockcraft.yaml)
 sudo rockcraft.skopeo --insecure-policy copy oci-archive:gocert_${version}_amd64.rock docker-daemon:gocert:${version}
 docker run gocert:${version}
-```
+```
\ No newline at end of file
diff --git a/ui/package-lock.json b/ui/package-lock.json
index af2fb43..2e76764 100644
--- a/ui/package-lock.json
+++ b/ui/package-lock.json
@@ -7,8 +7,10 @@
       "name": "gocert",
       "dependencies": {
         "next": "14.2.3",
+        "pkijs": "^3.1.0",
         "react": "^18",
         "react-dom": "^18",
+        "react-query": "^3.39.3",
         "sass": "^1.77.4",
         "vanilla-framework": "^4.11.0"
       },
@@ -392,7 +394,6 @@
       "version": "7.24.5",
       "resolved": "https://registry.npmjs.org/@babel/runtime/-/runtime-7.24.5.tgz",
       "integrity": "sha512-Nms86NXrsaeU9vbBJKni6gXiEXZ4CVpYVzEjDH9Sb8vmZ3UljyA1GSOJl/6LGPO8EHLuSF9H+IxNXHPX8QHJ4g==",
-      "dev": true,
       "dependencies": {
         "regenerator-runtime": "^0.14.0"
       },
@@ -1982,6 +1983,19 @@
         "url": "https://github.com/sponsors/ljharb"
       }
     },
+    "node_modules/asn1js": {
+      "version": "3.0.5",
+      "resolved": "https://registry.npmjs.org/asn1js/-/asn1js-3.0.5.tgz",
+      "integrity": "sha512-FVnvrKJwpt9LP2lAMl8qZswRNm3T4q9CON+bxldk2iwk3FFpuwhx2FfinyitizWHsVYyaY+y5JzDR0rCMV5yTQ==",
+      "dependencies": {
+        "pvtsutils": "^1.3.2",
+        "pvutils": "^1.1.3",
+        "tslib": "^2.4.0"
+      },
+      "engines": {
+        "node": ">=12.0.0"
+      }
+    },
     "node_modules/assertion-error": {
       "version": "1.1.0",
       "resolved": "https://registry.npmjs.org/assertion-error/-/assertion-error-1.1.0.tgz",
@@ -2039,8 +2053,15 @@
     "node_modules/balanced-match": {
       "version": "1.0.2",
       "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz",
-      "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==",
-      "dev": true
+      "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw=="
+    },
+    "node_modules/big-integer": {
+      "version": "1.6.52",
+      "resolved": "https://registry.npmjs.org/big-integer/-/big-integer-1.6.52.tgz",
+      "integrity": "sha512-QxD8cf2eVqJOOz63z6JIN9BzvVs/dlySa5HGSBH5xtR8dPteIRQnBxxKqkNTiT6jbDTF6jAfrd4oMcND9RGbQg==",
+      "engines": {
+        "node": ">=0.6"
+      }
     },
     "node_modules/binary-extensions": {
       "version": "2.3.0",
@@ -2057,7 +2078,6 @@
       "version": "1.1.11",
       "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz",
       "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==",
-      "dev": true,
       "dependencies": {
         "balanced-match": "^1.0.0",
         "concat-map": "0.0.1"
@@ -2074,6 +2094,21 @@
         "node": ">=8"
       }
     },
+    "node_modules/broadcast-channel": {
+      "version": "3.7.0",
+      "resolved": "https://registry.npmjs.org/broadcast-channel/-/broadcast-channel-3.7.0.tgz",
+      "integrity": "sha512-cIAKJXAxGJceNZGTZSBzMxzyOn72cVgPnKx4dc6LRjQgbaJUQqhy5rzL3zbMxkMWsGKkv2hSFkPRMEXfoMZ2Mg==",
+      "dependencies": {
+        "@babel/runtime": "^7.7.2",
+        "detect-node": "^2.1.0",
+        "js-sha3": "0.8.0",
+        "microseconds": "0.2.0",
+        "nano-time": "1.0.0",
+        "oblivious-set": "1.0.0",
+        "rimraf": "3.0.2",
+        "unload": "2.2.0"
+      }
+    },
     "node_modules/browserslist": {
       "version": "4.23.0",
       "resolved": "https://registry.npmjs.org/browserslist/-/browserslist-4.23.0.tgz",
@@ -2117,6 +2152,14 @@
         "node": ">=10.16.0"
       }
     },
+    "node_modules/bytestreamjs": {
+      "version": "2.0.1",
+      "resolved": "https://registry.npmjs.org/bytestreamjs/-/bytestreamjs-2.0.1.tgz",
+      "integrity": "sha512-U1Z/ob71V/bXfVABvNr/Kumf5VyeQRBEm6Txb0PQ6S7V5GpBM3w4Cbqz/xPDicR5tN0uvDifng8C+5qECeGwyQ==",
+      "engines": {
+        "node": ">=6.0.0"
+      }
+    },
     "node_modules/cac": {
       "version": "6.7.14",
       "resolved": "https://registry.npmjs.org/cac/-/cac-6.7.14.tgz",
@@ -2291,8 +2334,7 @@
     "node_modules/concat-map": {
       "version": "0.0.1",
       "resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz",
-      "integrity": "sha512-/Srv4dswyQNBfohGpz9o6Yb3Gz3SrUDqBH5rTuhGR7ahtlbYKnVxw2bCFMRljaA7EXHaXZ8wsHdodFvbkhKmqg==",
-      "dev": true
+      "integrity": "sha512-/Srv4dswyQNBfohGpz9o6Yb3Gz3SrUDqBH5rTuhGR7ahtlbYKnVxw2bCFMRljaA7EXHaXZ8wsHdodFvbkhKmqg=="
     },
     "node_modules/confbox": {
       "version": "0.1.7",
@@ -2501,6 +2543,11 @@
         "node": ">=6"
       }
     },
+    "node_modules/detect-node": {
+      "version": "2.1.0",
+      "resolved": "https://registry.npmjs.org/detect-node/-/detect-node-2.1.0.tgz",
+      "integrity": "sha512-T0NIuQpnTvFDATNuHN5roPwSBG83rFsuO+MXXH9/3N1eFbn4wcPjttvjMLEPWJ0RGUYgQE7cGgS3tNxbqCGM7g=="
+    },
     "node_modules/diff-sequences": {
       "version": "29.6.3",
       "resolved": "https://registry.npmjs.org/diff-sequences/-/diff-sequences-29.6.3.tgz",
@@ -3397,8 +3444,7 @@
     "node_modules/fs.realpath": {
       "version": "1.0.0",
       "resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz",
-      "integrity": "sha512-OO0pH2lK6a0hZnAdau5ItzHPI6pUlvI7jMVnxUQRtw4owF2wk8lOSabtGDCTP4Ggrg2MbGnWO9X8K1t4+fGMDw==",
-      "dev": true
+      "integrity": "sha512-OO0pH2lK6a0hZnAdau5ItzHPI6pUlvI7jMVnxUQRtw4owF2wk8lOSabtGDCTP4Ggrg2MbGnWO9X8K1t4+fGMDw=="
     },
     "node_modules/fsevents": {
       "version": "2.3.3",
@@ -3836,7 +3882,6 @@
       "version": "1.0.6",
       "resolved": "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz",
       "integrity": "sha512-k92I/b08q4wvFscXCLvqfsHCrjrF7yiXsQuIVvVE7N82W3+aqpzuUdBbfhWcy/FZR3/4IgflMgKLOsvPDrGCJA==",
-      "dev": true,
       "dependencies": {
         "once": "^1.3.0",
         "wrappy": "1"
@@ -3845,8 +3890,7 @@
     "node_modules/inherits": {
       "version": "2.0.4",
       "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz",
-      "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==",
-      "dev": true
+      "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ=="
     },
     "node_modules/internal-slot": {
       "version": "1.0.7",
@@ -4286,6 +4330,11 @@
         "@pkgjs/parseargs": "^0.11.0"
       }
     },
+    "node_modules/js-sha3": {
+      "version": "0.8.0",
+      "resolved": "https://registry.npmjs.org/js-sha3/-/js-sha3-0.8.0.tgz",
+      "integrity": "sha512-gF1cRrHhIzNfToc802P800N8PpXS+evLLXfsVpowqmAFR9uwbi89WvXg2QspOmXL8QL86J4T1EpFu+yUkwJY3Q=="
+    },
     "node_modules/js-tokens": {
       "version": "4.0.0",
       "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz",
@@ -4524,6 +4573,15 @@
         "@jridgewell/sourcemap-codec": "^1.4.15"
       }
     },
+    "node_modules/match-sorter": {
+      "version": "6.3.4",
+      "resolved": "https://registry.npmjs.org/match-sorter/-/match-sorter-6.3.4.tgz",
+      "integrity": "sha512-jfZW7cWS5y/1xswZo8VBOdudUiSd9nifYRWphc9M5D/ee4w4AoXLgBEdRbgVaxbMuagBPeUC5y2Hi8DO6o9aDg==",
+      "dependencies": {
+        "@babel/runtime": "^7.23.8",
+        "remove-accents": "0.5.0"
+      }
+    },
     "node_modules/merge-stream": {
       "version": "2.0.0",
       "resolved": "https://registry.npmjs.org/merge-stream/-/merge-stream-2.0.0.tgz",
@@ -4552,6 +4610,11 @@
         "node": ">=8.6"
       }
     },
+    "node_modules/microseconds": {
+      "version": "0.2.0",
+      "resolved": "https://registry.npmjs.org/microseconds/-/microseconds-0.2.0.tgz",
+      "integrity": "sha512-n7DHHMjR1avBbSpsTBj6fmMGh2AGrifVV4e+WYc3Q9lO+xnSZ3NyhcBND3vzzatt05LFhoKFRxrIyklmLlUtyA=="
+    },
     "node_modules/mime-db": {
       "version": "1.52.0",
       "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.52.0.tgz",
@@ -4589,7 +4652,6 @@
       "version": "3.1.2",
       "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz",
       "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==",
-      "dev": true,
       "dependencies": {
         "brace-expansion": "^1.1.7"
       },
@@ -4633,6 +4695,14 @@
       "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==",
       "dev": true
     },
+    "node_modules/nano-time": {
+      "version": "1.0.0",
+      "resolved": "https://registry.npmjs.org/nano-time/-/nano-time-1.0.0.tgz",
+      "integrity": "sha512-flnngywOoQ0lLQOTRNexn2gGSNuM9bKj9RZAWSzhQ+UJYaAFG9bac4DW9VHjUAzrOaIcajHybCTHe/bkvozQqA==",
+      "dependencies": {
+        "big-integer": "^1.6.16"
+      }
+    },
     "node_modules/nanoid": {
       "version": "3.3.7",
       "resolved": "https://registry.npmjs.org/nanoid/-/nanoid-3.3.7.tgz",
@@ -4877,11 +4947,15 @@
         "url": "https://github.com/sponsors/ljharb"
       }
     },
+    "node_modules/oblivious-set": {
+      "version": "1.0.0",
+      "resolved": "https://registry.npmjs.org/oblivious-set/-/oblivious-set-1.0.0.tgz",
+      "integrity": "sha512-z+pI07qxo4c2CulUHCDf9lcqDlMSo72N/4rLUpRXf6fu+q8vjt8y0xS+Tlf8NTJDdTXHbdeO1n3MlbctwEoXZw=="
+    },
     "node_modules/once": {
       "version": "1.4.0",
       "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz",
       "integrity": "sha512-lNaJgI+2Q5URQBkccEKHTQOPaXdUxnZZElQTZY0MFUAuaEqe1E+Nyvgdz/aIyNi6Z9MzO5dv1H8n58/GELp3+w==",
-      "dev": true,
       "dependencies": {
         "wrappy": "1"
       }
@@ -4985,7 +5059,6 @@
       "version": "1.0.1",
       "resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz",
       "integrity": "sha512-AVbw3UJ2e9bq64vSaS9Am0fje1Pa8pbGqTTsmXfaIiMpnr5DlDhfJOuLj9Sf95ZPVDAUerDfEk88MPmPe7UCQg==",
-      "dev": true,
       "engines": {
         "node": ">=0.10.0"
       }
@@ -5081,6 +5154,21 @@
         "pathe": "^1.1.2"
       }
     },
+    "node_modules/pkijs": {
+      "version": "3.1.0",
+      "resolved": "https://registry.npmjs.org/pkijs/-/pkijs-3.1.0.tgz",
+      "integrity": "sha512-N+OCWUp6xrg7OkG+4DIiZUOsp3qMztjq8RGCc1hSY92dsUG8cTlAo7pEkfRGjcdyBv2c1Y9bjAzqdTJAlctuNg==",
+      "dependencies": {
+        "asn1js": "^3.0.5",
+        "bytestreamjs": "^2.0.0",
+        "pvtsutils": "^1.3.2",
+        "pvutils": "^1.1.3",
+        "tslib": "^2.4.0"
+      },
+      "engines": {
+        "node": ">=12.0.0"
+      }
+    },
     "node_modules/possible-typed-array-names": {
       "version": "1.0.0",
       "resolved": "https://registry.npmjs.org/possible-typed-array-names/-/possible-typed-array-names-1.0.0.tgz",
@@ -5184,6 +5272,22 @@
         "node": ">=6"
       }
     },
+    "node_modules/pvtsutils": {
+      "version": "1.3.5",
+      "resolved": "https://registry.npmjs.org/pvtsutils/-/pvtsutils-1.3.5.tgz",
+      "integrity": "sha512-ARvb14YB9Nm2Xi6nBq1ZX6dAM0FsJnuk+31aUp4TrcZEdKUlSqOqsxJHUPJDNE3qiIp+iUPEIeR6Je/tgV7zsA==",
+      "dependencies": {
+        "tslib": "^2.6.1"
+      }
+    },
+    "node_modules/pvutils": {
+      "version": "1.1.3",
+      "resolved": "https://registry.npmjs.org/pvutils/-/pvutils-1.1.3.tgz",
+      "integrity": "sha512-pMpnA0qRdFp32b1sJl1wOJNxZLQ2cbQx+k6tjNtZ8CpvVhNqEPRgivZ2WOUev2YMajecdH7ctUPDvEe87nariQ==",
+      "engines": {
+        "node": ">=6.0.0"
+      }
+    },
     "node_modules/querystringify": {
       "version": "2.2.0",
       "resolved": "https://registry.npmjs.org/querystringify/-/querystringify-2.2.0.tgz",
@@ -5239,6 +5343,31 @@
       "integrity": "sha512-w2GsyukL62IJnlaff/nRegPQR94C/XXamvMWmSHRJ4y7Ts/4ocGRmTHvOs8PSE6pB3dWOrD/nueuU5sduBsQ4w==",
       "dev": true
     },
+    "node_modules/react-query": {
+      "version": "3.39.3",
+      "resolved": "https://registry.npmjs.org/react-query/-/react-query-3.39.3.tgz",
+      "integrity": "sha512-nLfLz7GiohKTJDuT4us4X3h/8unOh+00MLb2yJoGTPjxKs2bc1iDhkNx2bd5MKklXnOD3NrVZ+J2UXujA5In4g==",
+      "dependencies": {
+        "@babel/runtime": "^7.5.5",
+        "broadcast-channel": "^3.4.1",
+        "match-sorter": "^6.0.2"
+      },
+      "funding": {
+        "type": "github",
+        "url": "https://github.com/sponsors/tannerlinsley"
+      },
+      "peerDependencies": {
+        "react": "^16.8.0 || ^17.0.0 || ^18.0.0"
+      },
+      "peerDependenciesMeta": {
+        "react-dom": {
+          "optional": true
+        },
+        "react-native": {
+          "optional": true
+        }
+      }
+    },
     "node_modules/react-refresh": {
       "version": "0.14.2",
       "resolved": "https://registry.npmjs.org/react-refresh/-/react-refresh-0.14.2.tgz",
@@ -5283,8 +5412,7 @@
     "node_modules/regenerator-runtime": {
       "version": "0.14.1",
       "resolved": "https://registry.npmjs.org/regenerator-runtime/-/regenerator-runtime-0.14.1.tgz",
-      "integrity": "sha512-dYnhHh0nJoMfnkZs6GmmhFknAGRrLznOu5nc9ML+EJxGvrx6H7teuevqVqCuPcPK//3eDrrjQhehXVx9cnkGdw==",
-      "dev": true
+      "integrity": "sha512-dYnhHh0nJoMfnkZs6GmmhFknAGRrLznOu5nc9ML+EJxGvrx6H7teuevqVqCuPcPK//3eDrrjQhehXVx9cnkGdw=="
     },
     "node_modules/regexp.prototype.flags": {
       "version": "1.5.2",
@@ -5304,6 +5432,11 @@
         "url": "https://github.com/sponsors/ljharb"
       }
     },
+    "node_modules/remove-accents": {
+      "version": "0.5.0",
+      "resolved": "https://registry.npmjs.org/remove-accents/-/remove-accents-0.5.0.tgz",
+      "integrity": "sha512-8g3/Otx1eJaVD12e31UbJj1YzdtVvzH85HV7t+9MJYk/u3XmkOUJ5Ys9wQrf9PCPK8+xn4ymzqYCiZl6QWKn+A=="
+    },
     "node_modules/requires-port": {
       "version": "1.0.0",
       "resolved": "https://registry.npmjs.org/requires-port/-/requires-port-1.0.0.tgz",
@@ -5359,7 +5492,6 @@
       "version": "3.0.2",
       "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-3.0.2.tgz",
       "integrity": "sha512-JZkJMZkAGFFPP2YqXZXPbMlMBgsxzE8ILs4lMIX/2o0L9UBw9O/Y3o6wFw/i9YLapcUJWwqbi3kdxIPdC62TIA==",
-      "dev": true,
       "dependencies": {
         "glob": "^7.1.3"
       },
@@ -5374,7 +5506,6 @@
       "version": "7.2.3",
       "resolved": "https://registry.npmjs.org/glob/-/glob-7.2.3.tgz",
       "integrity": "sha512-nFR0zLpU2YCaRxwoCJvL6UvCH2JFyFVIvwTLsIf21AuHlMskA1hhTdk+LlYJtOlYt9v6dvszD2BGRqBL+iQK9Q==",
-      "dev": true,
       "dependencies": {
         "fs.realpath": "^1.0.0",
         "inflight": "^1.0.4",
@@ -6201,6 +6332,15 @@
         "node": ">= 4.0.0"
       }
     },
+    "node_modules/unload": {
+      "version": "2.2.0",
+      "resolved": "https://registry.npmjs.org/unload/-/unload-2.2.0.tgz",
+      "integrity": "sha512-B60uB5TNBLtN6/LsgAf3udH9saB5p7gqJwcFfbOEZ8BcBHnGwCf6G/TGiEqkRAxX7zAFIUtzdrXQSdL3Q/wqNA==",
+      "dependencies": {
+        "@babel/runtime": "^7.6.2",
+        "detect-node": "^2.0.4"
+      }
+    },
     "node_modules/update-browserslist-db": {
       "version": "1.0.15",
       "resolved": "https://registry.npmjs.org/update-browserslist-db/-/update-browserslist-db-1.0.15.tgz",
@@ -6696,8 +6836,7 @@
     "node_modules/wrappy": {
       "version": "1.0.2",
       "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz",
-      "integrity": "sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==",
-      "dev": true
+      "integrity": "sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ=="
     },
     "node_modules/ws": {
       "version": "8.17.1",
diff --git a/ui/package.json b/ui/package.json
index 348263e..cbf3c62 100644
--- a/ui/package.json
+++ b/ui/package.json
@@ -12,8 +12,10 @@
   },
   "dependencies": {
     "next": "14.2.3",
+    "pkijs": "^3.1.0",
     "react": "^18",
     "react-dom": "^18",
+    "react-query": "^3.39.3",
     "sass": "^1.77.4",
     "vanilla-framework": "^4.11.0"
   },
diff --git a/ui/src/app/certificate_requests/page.test.tsx b/ui/src/app/certificate_requests/page.test.tsx
deleted file mode 100644
index 50eaaba..0000000
--- a/ui/src/app/certificate_requests/page.test.tsx
+++ /dev/null
@@ -1,8 +0,0 @@
-import { expect, test } from 'vitest'
-import { render, screen } from '@testing-library/react'
-import CertificateRequests from './page'
-
-test('CertificateRequestsPage', () => {
-    render(< CertificateRequests />)
-    expect(screen.getByRole('table', {})).toBeDefined()
-})
\ No newline at end of file
diff --git a/ui/src/app/certificate_requests/page.tsx b/ui/src/app/certificate_requests/page.tsx
index a0e69a4..70be761 100644
--- a/ui/src/app/certificate_requests/page.tsx
+++ b/ui/src/app/certificate_requests/page.tsx
@@ -1,9 +1,45 @@
 "use client"
 
+import { useQuery } from "react-query"
 import { CertificateRequestsTable } from "./table"
+import { getCertificateRequests } from "./queries"
+import { CSREntry } from "./types"
+
+function Error({ msg }: { msg: string }) {
+    return (
+        <caption>
+            <div className="p-strip">
+                <div className="row">
+                    <div className="u-align--left">
+                        <p className="p-heading--5">An error occured trying to load certificate requests</p>
+                        <p>{msg}</p>
+                    </div>
+                </div>
+            </div>
+        </caption>
+    )
+}
+
+function Loading() {
+    return (
+        <caption>
+            <div className="p-strip">
+                <div className="row">
+                    <div className="col-8 col-medium-4 col-small-3">
+                        <p className="p-heading--4 u-no-margin--bottom">Loading...</p>
+                    </div>
+                </div>
+            </div>
+        </caption>
+    )
+}
 
 export default function CertificateRequests() {
+    const query = useQuery<CSREntry[], Error>('csrs', getCertificateRequests)
+    if (query.status == "loading") { return <Loading /> }
+    if (query.status == "error") { return <Error msg={query.error.message} /> }
+    const csrs = Array.from(query.data ? query.data : [])
     return (
-        <CertificateRequestsTable />
+        <CertificateRequestsTable csrs={csrs} />
     )
 }
\ No newline at end of file
diff --git a/ui/src/app/certificate_requests/queries.ts b/ui/src/app/certificate_requests/queries.ts
new file mode 100644
index 0000000..3702304
--- /dev/null
+++ b/ui/src/app/certificate_requests/queries.ts
@@ -0,0 +1,9 @@
+import { CSREntry } from "./types"
+
+export async function getCertificateRequests(): Promise<CSREntry[]> {
+    const response = await fetch("/api/v1/certificate_requests")
+    if (!response.ok) {
+        throw new Error('Network response was not ok')
+    }
+    return response.json()
+}
\ No newline at end of file
diff --git a/ui/src/app/certificate_requests/row.test.tsx b/ui/src/app/certificate_requests/row.test.tsx
index dbe8269..edabc82 100644
--- a/ui/src/app/certificate_requests/row.test.tsx
+++ b/ui/src/app/certificate_requests/row.test.tsx
@@ -1,11 +1,67 @@
 import { expect, test } from 'vitest'
-import { render, screen } from '@testing-library/react'
+import { Dispatch, SetStateAction } from "react"
+import { render, screen, fireEvent } from '@testing-library/react'
 import Row from './row'
 
+const csr =
+{
+    'ID': 1,
+    'CSR': `-----BEGIN CERTIFICATE REQUEST-----
+MIIC5zCCAc8CAQAwRzEWMBQGA1UEAwwNMTAuMTUyLjE4My41MzEtMCsGA1UELQwk
+MzlhY2UxOTUtZGM1YS00MzJiLTgwOTAtYWZlNmFiNGI0OWNmMIIBIjANBgkqhkiG
+9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjM5Wz+HRtDveRzeDkEDM4ornIaefe8d8nmFi
+pUat9qCU3U9798FR460DHjCLGxFxxmoRitzHtaR4ew5H036HlGB20yas/CMDgSUI
+69DyAsyPwEJqOWBGO1LL50qXdl5/jOkO2voA9j5UsD1CtWSklyhbNhWMpYqj2ObW
+XcaYj9Gx/TwYhw8xsJ/QRWyCrvjjVzH8+4frfDhBVOyywN7sq+I3WwCbyBBcN8uO
+yae0b/q5+UJUiqgpeOAh/4Y7qI3YarMj4cm7dwmiCVjedUwh65zVyHtQUfLd8nFW
+Kl9775mNBc1yicvKDU3ZB5hZ1MZtpbMBwaA1yMSErs/fh5KaXwIDAQABoFswWQYJ
+KoZIhvcNAQkOMUwwSjBIBgNVHREEQTA/hwQKmLc1gjd2YXVsdC1rOHMtMC52YXVs
+dC1rOHMtZW5kcG9pbnRzLnZhdWx0LnN2Yy5jbHVzdGVyLmxvY2FsMA0GCSqGSIb3
+DQEBCwUAA4IBAQCJt8oVDbiuCsik4N5AOJIT7jKsMb+j0mizwjahKMoCHdx+zv0V
+FGkhlf0VWPAdEu3gHdJfduX88WwzJ2wBBUK38UuprAyvfaZfaYUgFJQNC6DH1fIa
+uHYEhvNJBdFJHaBvW7lrSFi57fTA9IEPrB3m/XN3r2F4eoHnaJJqHZmMwqVHck87
+cAQXk3fvTWuikHiCHqqdSdjDYj/8cyiwCrQWpV245VSbOE0WesWoEnSdFXVUfE1+
+RSKeTRuuJMcdGqBkDnDI22myj0bjt7q8eqBIjTiLQLnAFnQYpcCrhc8dKU9IJlv1
+H9Hay4ZO9LRew3pEtlx2WrExw/gpUcWM8rTI
+-----END CERTIFICATE REQUEST-----`,
+    'Certificate': `-----BEGIN CERTIFICATE-----
+MIIDrDCCApSgAwIBAgIURKr+jf7hj60SyAryIeN++9wDdtkwDQYJKoZIhvcNAQEL
+BQAwOTELMAkGA1UEBhMCVVMxKjAoBgNVBAMMIXNlbGYtc2lnbmVkLWNlcnRpZmlj
+YXRlcy1vcGVyYXRvcjAeFw0yNDAzMjcxMjQ4MDRaFw0yNTAzMjcxMjQ4MDRaMEcx
+FjAUBgNVBAMMDTEwLjE1Mi4xODMuNTMxLTArBgNVBC0MJDM5YWNlMTk1LWRjNWEt
+NDMyYi04MDkwLWFmZTZhYjRiNDljZjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
+AQoCggEBAIzOVs/h0bQ73kc3g5BAzOKK5yGnn3vHfJ5hYqVGrfaglN1Pe/fBUeOt
+Ax4wixsRccZqEYrcx7WkeHsOR9N+h5RgdtMmrPwjA4ElCOvQ8gLMj8BCajlgRjtS
+y+dKl3Zef4zpDtr6APY+VLA9QrVkpJcoWzYVjKWKo9jm1l3GmI/Rsf08GIcPMbCf
+0EVsgq7441cx/PuH63w4QVTsssDe7KviN1sAm8gQXDfLjsmntG/6uflCVIqoKXjg
+If+GO6iN2GqzI+HJu3cJoglY3nVMIeuc1ch7UFHy3fJxVipfe++ZjQXNconLyg1N
+2QeYWdTGbaWzAcGgNcjEhK7P34eSml8CAwEAAaOBnTCBmjAhBgNVHSMEGjAYgBYE
+FN/vgl9cAapV7hH9lEyM7qYS958aMB0GA1UdDgQWBBRJJDZkHr64VqTC24DPQVld
+Ba3iPDAMBgNVHRMBAf8EAjAAMEgGA1UdEQRBMD+CN3ZhdWx0LWs4cy0wLnZhdWx0
+LWs4cy1lbmRwb2ludHMudmF1bHQuc3ZjLmNsdXN0ZXIubG9jYWyHBAqYtzUwDQYJ
+KoZIhvcNAQELBQADggEBAEH9NTwDiSsoQt/QXkWPMBrB830K0dlwKl5WBNgVxFP+
+hSfQ86xN77jNSp2VxOksgzF9J9u/ubAXvSFsou4xdP8MevBXoFJXeqMERq5RW3gc
+WyhXkzguv3dwH+n43GJFP6MQ+n9W/nPZCUQ0Iy7ueAvj0HFhGyZzAE2wxNFZdvCs
+gCX3nqYpp70oZIFDrhmYwE5ij5KXlHD4/1IOfNUKCDmQDgGPLI1tVtwQLjeRq7Hg
+XVelpl/LXTQawmJyvDaVT/Q9P+WqoDiMjrqF6Sy7DzNeeccWVqvqX5TVS6Ky56iS
+Mvo/+PAJHkBciR5Xn+Wg2a+7vrZvT6CBoRSOTozlLSM=
+-----END CERTIFICATE-----`
+}
+
+let actionMenuExpanded = 0
+const setActionMenuExpanded = (val: number) => {
+    actionMenuExpanded = val
+}
+
 test('Certificate Requests Table Row', () => {
-    render(<Row id={1} csr='' certificate='' />)
-    expect(screen.getByText('1')).toBeDefined()
-})
-// TODO: when certificate rejected => rejected status
-// TODO: when certificate empty => outstanding status
-// TODO: when certificate anything else => certificate.NotAfter
\ No newline at end of file
+    render(<Row id={csr.ID} csr={csr.CSR} certificate={csr.Certificate} ActionMenuExpanded={actionMenuExpanded} setActionMenuExpanded={setActionMenuExpanded as Dispatch<SetStateAction<number>>} />)
+    expect(screen.getByText('10.152.183.53')).toBeDefined() // Common name of CSR
+    expect(screen.getByLabelText('certificate-expiry-date').innerHTML).toMatch(/^Thu Mar 27/)
+    const openActionsButton = screen.getByLabelText("action-menu-button")
+    fireEvent.click(openActionsButton);
+    expect(actionMenuExpanded).toBe(1)
+    render(<Row id={csr.ID} csr={csr.CSR} certificate="rejected" ActionMenuExpanded={actionMenuExpanded} setActionMenuExpanded={setActionMenuExpanded as Dispatch<SetStateAction<number>>} />)
+    expect(screen.getByText('rejected')).toBeDefined()
+    render(<Row id={csr.ID} csr={csr.CSR} certificate="" ActionMenuExpanded={actionMenuExpanded} setActionMenuExpanded={setActionMenuExpanded as Dispatch<SetStateAction<number>>} />)
+    expect(screen.getByText('outstanding')).toBeDefined()
+})
\ No newline at end of file
diff --git a/ui/src/app/certificate_requests/row.tsx b/ui/src/app/certificate_requests/row.tsx
index 0ef4a03..9ca6891 100644
--- a/ui/src/app/certificate_requests/row.tsx
+++ b/ui/src/app/certificate_requests/row.tsx
@@ -1,11 +1,6 @@
 import { useState, Dispatch, SetStateAction } from "react"
-const extractCSR = (csrPemString: string) => {
-    //TODO
-}
+import { extractCSR, extractCert } from "../utils"
 
-const extractCert = (certPemString: string) => {
-    //TODO
-}
 
 type rowProps = {
     id: number,
@@ -18,40 +13,44 @@ type rowProps = {
 export default function Row({ id, csr, certificate, ActionMenuExpanded, setActionMenuExpanded }: rowProps) {
     const [detailsMenuOpen, setDetailsMenuOpen] = useState<boolean>(false)
 
+    const csrObj = extractCSR(csr)
+    const certObj = extractCert(certificate)
+
     const toggleActionMenu = () => {
         if (ActionMenuExpanded == id) {
             setActionMenuExpanded(0)
-        }else{
+        } else {
             setActionMenuExpanded(id)
         }
     }
     return (
         <tr>
-            <td className="" width={5} data-test-column="id">{id}</td>
+            <td className="" width={5} aria-label="id">{id}</td>
             <td className="">
-                <button 
-                    className="u-toggle p-contextual-menu__toggle p-button--base is-small" 
+                <button
+                    className="u-toggle p-contextual-menu__toggle p-button--base is-small"
                     aria-controls="expanded-row"
-                    aria-expanded={detailsMenuOpen? "true": "false"}
+                    aria-expanded={detailsMenuOpen ? "true" : "false"}
                     onClick={() => setDetailsMenuOpen(!detailsMenuOpen)}>
-                        <i className="p-icon--chevron-down p-contextual-menu__indicator"></i>
+                    <i className="p-icon--chevron-down p-contextual-menu__indicator"></i>
                 </button>
-                <span> example.com</span>
+                <span>{csrObj.subjects.find((e) => e.type == "Common Name")?.value}</span>
             </td>
-            <td className="" data-test-column="status">{certificate == "" ? "outstanding" : (certificate == "rejected" ? "rejected" : "fulfilled")}</td>
-            <td className="" data-test-column="status">{certificate == "" ? "" : (certificate == "rejected" ? "" : "date")}</td>
+            <td className="" aria-label="csr-status">{certificate == "" ? "outstanding" : (certificate == "rejected" ? "rejected" : "fulfilled")}</td>
+            <td className="" aria-label="certificate-expiry-date">{certificate == "" ? "" : (certificate == "rejected" ? "" : certObj?.notAfter)}</td>
             <td className="has-overflow" data-heading="Actions">
                 <span className="p-contextual-menu--center u-no-margin--bottom">
-                    <button 
-                        className="p-contextual-menu__toggle p-button--base is-small u-no-margin--bottom" 
-                        aria-controls="action-menu" 
-                        aria-expanded={ActionMenuExpanded == id ? "true": "false"} 
-                        aria-haspopup="true" 
+                    <button
+                        className="p-contextual-menu__toggle p-button--base is-small u-no-margin--bottom"
+                        aria-label="action-menu-button"
+                        aria-controls="action-menu"
+                        aria-expanded={ActionMenuExpanded == id ? "true" : "false"}
+                        aria-haspopup="true"
                         onClick={toggleActionMenu}
                         onBlur={toggleActionMenu}>
-                            <i className="p-icon--menu p-contextual-menu__indicator"></i>
+                        <i className="p-icon--menu p-contextual-menu__indicator"></i>
                     </button>
-                    <span className="p-contextual-menu__dropdown" id="action-menu" aria-hidden={ActionMenuExpanded == id? "false": "true"}>
+                    <span className="p-contextual-menu__dropdown" id="action-menu" aria-hidden={ActionMenuExpanded == id ? "false" : "true"}>
                         <span className="p-contextual-menu__group">
                             <button className="p-contextual-menu__link">Copy Certificate Request to Clipboard</button>
                             <button className="p-contextual-menu__link">Download Certificate Request</button>
@@ -65,11 +64,10 @@ export default function Row({ id, csr, certificate, ActionMenuExpanded, setActio
                     </span>
                 </span>
             </td>
-            <td id="expanded-row" className="p-table__expanding-panel" aria-hidden={detailsMenuOpen? "false": "true"}>
+            <td id="expanded-row" className="p-table__expanding-panel" aria-hidden={detailsMenuOpen ? "false" : "true"}>
                 <div className="row">
                     <div className="col-8">
-                        <p><b>Common Name</b>: example.com</p>
-                        <p><b>Subject Alternative Names</b>: example.com, 127.0.0.1, 1.2.3.4.5.56</p>
+                        <p><b>Common Name</b>: {csrObj.subjects.find((e) => e.type == "Common Name")?.value}</p>
                     </div>
                 </div>
             </td>
diff --git a/ui/src/app/certificate_requests/table.test.tsx b/ui/src/app/certificate_requests/table.test.tsx
new file mode 100644
index 0000000..6a7c08c
--- /dev/null
+++ b/ui/src/app/certificate_requests/table.test.tsx
@@ -0,0 +1,99 @@
+import { expect, test } from 'vitest'
+import { render, screen } from '@testing-library/react'
+import { CertificateRequestsTable } from './table'
+
+const rows = [
+    {
+        'ID': 1,
+        'CSR': `-----BEGIN CERTIFICATE REQUEST-----
+MIICszCCAZsCAQAwFjEUMBIGA1UEAwwLZXhhbXBsZS5jb20wggEiMA0GCSqGSIb3
+DQEBAQUAA4IBDwAwggEKAoIBAQDC5KgrADpuOUPwSh0YLmpWF66VTcciIGC2HcGn
+oJknL7pm5q9qhfWGIdvKKlIA6cBB32jPd0QcYDsx7+AvzEvBuO7mq7v2Q1sPU4Q+
+L0s2pLJges6/cnDWvk/p5eBjDLOqHhUNzpMUga9SgIod8yymTZm3eqQvt1ABdwTg
+FzBs5QdSm2Ny1fEbbcRE+Rv5rqXyJb2isXSujzSuS22VqslDIyqnY5WaLg+pjZyR
++0j13ecJsdh6/MJMUZWheimV2Yv7SFtxzFwbzBMO9YFS098sy4F896eBHLNe9cUC
++d1JDtLaewlMogjHBHAxmP54dhe6vvc78anElKKP4hm5N5nlAgMBAAGgWDBWBgkq
+hkiG9w0BCQ4xSTBHMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcD
+AQYIKwYBBQUHAwIwFgYDVR0RBA8wDYILZXhhbXBsZS5jb20wDQYJKoZIhvcNAQEL
+BQADggEBACP1VKEGVYKoVLMDJS+EZ0CPwIYWsO4xBXgK6atHe8WIChVn/8I7eo60
+cuMDiy4LR70G++xL1tpmYGRbx21r9d/shL2ehp9VdClX06qxlcGxiC/F8eThRuS5
+zHcdNqSVyMoLJ0c7yWHJahN5u2bn1Lov34yOEqGGpWCGF/gT1nEvM+p/v30s89f2
+Y/uPl4g3jpGqLCKTASWJDGnZLroLICOzYTVs5P3oj+VueSUwYhGK5tBnS2x5FHID
+uMNMgwl0fxGMQZjrlXyCBhXBm1k6PmwcJGJF5LQ31c+5aTTMFU7SyZhlymctB8mS
+y+ErBQsRpcQho6Ok+HTXQQUcx7WNcwI=
+-----END CERTIFICATE REQUEST-----`,
+        'Certificate': ""
+    },
+    {
+        'ID': 2,
+        'CSR': `-----BEGIN CERTIFICATE REQUEST-----
+MIIDGjCCAgICAQAwajEVMBMGA1UEAwwMZXhlbXBsYXIuY29tMQswCQYDVQQGEwJV
+UzESMBAGA1UECAwJTG91aXNpYW5hMRQwEgYDVQQHDAtOZXcgT3JsZWFuczEaMBgG
+A1UECgwRQ2VydGlmaWNhdGUgVG9vbHMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
+ggEKAoIBAQDZD+5Kz84PVxW6zUEd0wwWPC4h0vxSMX1kuDM+NibZdgB/kE+g9OI5
+qvK7bOrGrXEs0GOuI4M7pl/6e42+it/oE0v5tWBZxka8J+bqYE5J8NGal/oIgOo7
+evpx5QPFFlJlJOJdH4bFJfp6GMO/3tO3Ip7O0Q3iitTnDA2gJC6aQW7hclVCk4ls
+lWFVyUFRRubKW0/LEmgNl9DNuQyfLp1yB3159r1NiKT9M+/ATrmBYF2ZiCWBWz4C
+ySja6+r4UB/LZYwdp/n7rRtwX1R/B6HPsXw/nGsjU6+OyYS/oDJwNWpT3+dsa7sD
+cSm1SNhJuKwC74nYGfH0y4FNsPW3cpiZAgMBAAGgazBpBgkqhkiG9w0BCQ4xXDBa
+MA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw
+KQYDVR0RBCIwIIIMZXhlbXBsYXIuY29tghB3d3cuZXhlbXBsYXIuY29tMA0GCSqG
+SIb3DQEBCwUAA4IBAQAuqwxmBklZ86ypTkchZJmUsyF8y/THqncFDW8RGWIB3Usi
+tK9qb8EE92MoWboo4m4bcX74y+eUo3xBev6ZZwdScy8OHLhA/MMI8EElpeYt+Hc2
+2gvIs7WNemo3cCTpOtwvROWYpzxMp/z2/Zui9D57oTFcTdBjlJPyU5K4bCz+nNGV
+81ifHK1xAUECfJp1IR7hFv2c2JbkwwD3KSCsyqc+/xtQLbrEPGWF1R0Gp9N1hxKv
+WsDOAOH6qKQKQg3BO/xmRoohC6GL4CuhP7HYGi7+wziNhNZQa4GtE/k9DyIXVtJy
+yuf2PnfXCKnaIWRJNoEqDCZRVMfA5BFSwTPITqyo
+-----END CERTIFICATE REQUEST-----`,
+        'Certificate': "rejected"
+    },
+    {
+        'ID': 3,
+        'CSR': `-----BEGIN CERTIFICATE REQUEST-----
+MIIC5zCCAc8CAQAwRzEWMBQGA1UEAwwNMTAuMTUyLjE4My41MzEtMCsGA1UELQwk
+MzlhY2UxOTUtZGM1YS00MzJiLTgwOTAtYWZlNmFiNGI0OWNmMIIBIjANBgkqhkiG
+9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjM5Wz+HRtDveRzeDkEDM4ornIaefe8d8nmFi
+pUat9qCU3U9798FR460DHjCLGxFxxmoRitzHtaR4ew5H036HlGB20yas/CMDgSUI
+69DyAsyPwEJqOWBGO1LL50qXdl5/jOkO2voA9j5UsD1CtWSklyhbNhWMpYqj2ObW
+XcaYj9Gx/TwYhw8xsJ/QRWyCrvjjVzH8+4frfDhBVOyywN7sq+I3WwCbyBBcN8uO
+yae0b/q5+UJUiqgpeOAh/4Y7qI3YarMj4cm7dwmiCVjedUwh65zVyHtQUfLd8nFW
+Kl9775mNBc1yicvKDU3ZB5hZ1MZtpbMBwaA1yMSErs/fh5KaXwIDAQABoFswWQYJ
+KoZIhvcNAQkOMUwwSjBIBgNVHREEQTA/hwQKmLc1gjd2YXVsdC1rOHMtMC52YXVs
+dC1rOHMtZW5kcG9pbnRzLnZhdWx0LnN2Yy5jbHVzdGVyLmxvY2FsMA0GCSqGSIb3
+DQEBCwUAA4IBAQCJt8oVDbiuCsik4N5AOJIT7jKsMb+j0mizwjahKMoCHdx+zv0V
+FGkhlf0VWPAdEu3gHdJfduX88WwzJ2wBBUK38UuprAyvfaZfaYUgFJQNC6DH1fIa
+uHYEhvNJBdFJHaBvW7lrSFi57fTA9IEPrB3m/XN3r2F4eoHnaJJqHZmMwqVHck87
+cAQXk3fvTWuikHiCHqqdSdjDYj/8cyiwCrQWpV245VSbOE0WesWoEnSdFXVUfE1+
+RSKeTRuuJMcdGqBkDnDI22myj0bjt7q8eqBIjTiLQLnAFnQYpcCrhc8dKU9IJlv1
+H9Hay4ZO9LRew3pEtlx2WrExw/gpUcWM8rTI
+-----END CERTIFICATE REQUEST-----`,
+        'Certificate': `-----BEGIN CERTIFICATE-----
+MIIDrDCCApSgAwIBAgIURKr+jf7hj60SyAryIeN++9wDdtkwDQYJKoZIhvcNAQEL
+BQAwOTELMAkGA1UEBhMCVVMxKjAoBgNVBAMMIXNlbGYtc2lnbmVkLWNlcnRpZmlj
+YXRlcy1vcGVyYXRvcjAeFw0yNDAzMjcxMjQ4MDRaFw0yNTAzMjcxMjQ4MDRaMEcx
+FjAUBgNVBAMMDTEwLjE1Mi4xODMuNTMxLTArBgNVBC0MJDM5YWNlMTk1LWRjNWEt
+NDMyYi04MDkwLWFmZTZhYjRiNDljZjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
+AQoCggEBAIzOVs/h0bQ73kc3g5BAzOKK5yGnn3vHfJ5hYqVGrfaglN1Pe/fBUeOt
+Ax4wixsRccZqEYrcx7WkeHsOR9N+h5RgdtMmrPwjA4ElCOvQ8gLMj8BCajlgRjtS
+y+dKl3Zef4zpDtr6APY+VLA9QrVkpJcoWzYVjKWKo9jm1l3GmI/Rsf08GIcPMbCf
+0EVsgq7441cx/PuH63w4QVTsssDe7KviN1sAm8gQXDfLjsmntG/6uflCVIqoKXjg
+If+GO6iN2GqzI+HJu3cJoglY3nVMIeuc1ch7UFHy3fJxVipfe++ZjQXNconLyg1N
+2QeYWdTGbaWzAcGgNcjEhK7P34eSml8CAwEAAaOBnTCBmjAhBgNVHSMEGjAYgBYE
+FN/vgl9cAapV7hH9lEyM7qYS958aMB0GA1UdDgQWBBRJJDZkHr64VqTC24DPQVld
+Ba3iPDAMBgNVHRMBAf8EAjAAMEgGA1UdEQRBMD+CN3ZhdWx0LWs4cy0wLnZhdWx0
+LWs4cy1lbmRwb2ludHMudmF1bHQuc3ZjLmNsdXN0ZXIubG9jYWyHBAqYtzUwDQYJ
+KoZIhvcNAQELBQADggEBAEH9NTwDiSsoQt/QXkWPMBrB830K0dlwKl5WBNgVxFP+
+hSfQ86xN77jNSp2VxOksgzF9J9u/ubAXvSFsou4xdP8MevBXoFJXeqMERq5RW3gc
+WyhXkzguv3dwH+n43GJFP6MQ+n9W/nPZCUQ0Iy7ueAvj0HFhGyZzAE2wxNFZdvCs
+gCX3nqYpp70oZIFDrhmYwE5ij5KXlHD4/1IOfNUKCDmQDgGPLI1tVtwQLjeRq7Hg
+XVelpl/LXTQawmJyvDaVT/Q9P+WqoDiMjrqF6Sy7DzNeeccWVqvqX5TVS6Ky56iS
+Mvo/+PAJHkBciR5Xn+Wg2a+7vrZvT6CBoRSOTozlLSM=
+-----END CERTIFICATE-----`
+    },
+]
+
+test('CertificateRequestsPage', () => {
+    render(< CertificateRequestsTable csrs={rows} />)
+    expect(screen.getByRole('table', {})).toBeDefined()
+    expect(screen.getByText('example.com')).toBeDefined() // Common Name of one of the CSR's
+})
\ No newline at end of file
diff --git a/ui/src/app/certificate_requests/table.tsx b/ui/src/app/certificate_requests/table.tsx
index 51142d4..e7fe679 100644
--- a/ui/src/app/certificate_requests/table.tsx
+++ b/ui/src/app/certificate_requests/table.tsx
@@ -1,16 +1,30 @@
-import { useContext, useState } from "react"
+import { useContext, useState, Dispatch, SetStateAction } from "react"
 import { AsideContext } from "../nav"
 import Row from "./row"
+import { CSREntry } from "./types"
 
-type CSREntry = {
-    id: number,
-    csr: string,
-    certificate: string
+function EmptyState({ asideOpen, setAsideOpen }: { asideOpen: boolean, setAsideOpen: Dispatch<SetStateAction<boolean>> }) {
+    return (
+        <caption>
+            <div className="p-strip">
+                <div className="row">
+                    <div className="col-8 col-medium-4 col-small-3">
+                        <p className="p-heading--4">No CSRs available yet.</p>
+                        <button className="u-no-margin--bottom p-button--positive" aria-label="add-csr-button" onClick={() => setAsideOpen(true)}>Add New CSR</button>
+                    </div>
+                </div>
+            </div>
+        </caption>
+    )
+}
+
+type TableProps = {
+    csrs: CSREntry[]
 }
 
 function sortByCSRStatus(a: CSREntry, b: CSREntry) {
-    const aCSRStatus = a.certificate == "" ? "outstanding" : (a.certificate == "rejected" ? "rejected" : "fulfilled")
-    const bCSRStatus = b.certificate == "" ? "outstanding" : (b.certificate == "rejected" ? "rejected" : "fulfilled")
+    const aCSRStatus = a.Certificate == "" ? "outstanding" : (a.Certificate == "rejected" ? "rejected" : "fulfilled")
+    const bCSRStatus = b.Certificate == "" ? "outstanding" : (b.Certificate == "rejected" ? "rejected" : "fulfilled")
     if (aCSRStatus < bCSRStatus) {
         return -1;
     } else if (aCSRStatus > bCSRStatus) {
@@ -21,8 +35,8 @@ function sortByCSRStatus(a: CSREntry, b: CSREntry) {
 }
 
 function sortByCertStatus(a: CSREntry, b: CSREntry) {
-    const aCertStatus = (a.certificate == "" ? "" : (a.certificate == "rejected" ? "" : "date"))
-    const bCertStatus = (b.certificate == "" ? "" : (b.certificate == "rejected" ? "" : "date"))
+    const aCertStatus = (a.Certificate == "" ? "" : (a.Certificate == "rejected" ? "" : "date"))
+    const bCertStatus = (b.Certificate == "" ? "" : (b.Certificate == "rejected" ? "" : "date"))
     if (aCertStatus < bCertStatus) {
         return -1;
     } else if (aCertStatus > bCertStatus) {
@@ -32,26 +46,18 @@ function sortByCertStatus(a: CSREntry, b: CSREntry) {
     }
 }
 
-export function CertificateRequestsTable() {
+export function CertificateRequestsTable({ csrs: rows }: TableProps) {
     const { isOpen: isAsideOpen, setIsOpen: setAsideIsOpen } = useContext(AsideContext)
 
     const [actionsMenuExpanded, setActionsMenuExpanded] = useState<number>(0)
     const [sortedColumn, setSortedColumn] = useState<string>('none')
     const [sortDescending, setSortDescending] = useState<boolean>(true)
-    const rows = [
-        {'id':1, 'csr':"csr1",'certificate':""},
-        {'id':2, 'csr':"csr2",'certificate':"rejected"},
-        {'id':3, 'csr':"csr3",'certificate':"a real cert"},
-        {'id':4, 'csr':"csr3",'certificate':"a real cert"},
-        {'id':5, 'csr':"csr3",'certificate':"a real cert"},
-        {'id':6, 'csr':"csr3",'certificate':"a real cert"},
-    ]
     const sortedRows = () => {
         switch (sortedColumn) {
             case "csr":
-                return (sortDescending? rows.sort(sortByCSRStatus).reverse() : rows.sort(sortByCSRStatus))
+                return (sortDescending ? rows.sort(sortByCSRStatus).reverse() : rows.sort(sortByCSRStatus))
             case "cert":
-                return (sortDescending? rows.sort(sortByCertStatus).reverse() : rows.sort(sortByCertStatus))
+                return (sortDescending ? rows.sort(sortByCertStatus).reverse() : rows.sort(sortByCertStatus))
             default:
                 return rows
         }
@@ -61,7 +67,7 @@ export function CertificateRequestsTable() {
             <div className="p-panel__header is-sticky">
                 <h4 className="p-panel__title">Certificate Requests</h4>
                 <div className="p-panel__controls">
-                    <button className="u-no-margin--bottom p-button--positive" aria-label="add-csr-button" onClick={() => setAsideIsOpen(true)}>Add New CSR</button>
+                    {rows.length > 0 && <button className="u-no-margin--bottom p-button--positive" aria-label="add-csr-button" onClick={() => setAsideIsOpen(true)}>Add New CSR</button>}
                 </div>
             </div>
             <div className="p-panel__content">
@@ -71,8 +77,8 @@ export function CertificateRequestsTable() {
                             <tr>
                                 <th>ID</th>
                                 <th>Details</th>
-                                <th aria-sort={sortedColumn == "csr"? (sortDescending? "descending": "ascending"): "none"} onClick={() => {setSortedColumn('csr');setSortDescending(!sortDescending)}}>CSR Status</th>
-                                <th aria-sort={sortedColumn == "cert"? (sortDescending? "descending": "ascending"): "none"} onClick={() => {setSortedColumn('cert');setSortDescending(!sortDescending)}}>Certificate Expiry Date</th>
+                                <th aria-sort={sortedColumn == "csr" ? (sortDescending ? "descending" : "ascending") : "none"} onClick={() => { setSortedColumn('csr'); setSortDescending(!sortDescending) }}>CSR Status</th>
+                                <th aria-sort={sortedColumn == "cert" ? (sortDescending ? "descending" : "ascending") : "none"} onClick={() => { setSortedColumn('cert'); setSortDescending(!sortDescending) }}>Certificate Expiry Date</th>
                                 <th className="has-overflow">Actions</th>
                                 <th aria-hidden="true"></th>
                             </tr>
@@ -80,10 +86,11 @@ export function CertificateRequestsTable() {
                         <tbody>
                             {
                                 sortedRows().map((row) => (
-                                    <Row key={row.id} id={row.id} csr={row.csr} certificate={row.certificate} ActionMenuExpanded={actionsMenuExpanded} setActionMenuExpanded={setActionsMenuExpanded}/> 
+                                    <Row key={row.ID} id={row.ID} csr={row.CSR} certificate={row.Certificate} ActionMenuExpanded={actionsMenuExpanded} setActionMenuExpanded={setActionsMenuExpanded} />
                                 )
-                            )}
+                                )}
                         </tbody>
+                        {rows.length == 0 && <EmptyState asideOpen={isAsideOpen} setAsideOpen={setAsideIsOpen} />}
                     </table>
                 </div>
             </div>
diff --git a/ui/src/app/certificate_requests/types.ts b/ui/src/app/certificate_requests/types.ts
new file mode 100644
index 0000000..8f2704f
--- /dev/null
+++ b/ui/src/app/certificate_requests/types.ts
@@ -0,0 +1,5 @@
+export type CSREntry = {
+    ID: number,
+    CSR: string,
+    Certificate: string
+}
\ No newline at end of file
diff --git a/ui/src/app/nav.test.tsx b/ui/src/app/nav.test.tsx
index 08bb5de..fa0fd1c 100644
--- a/ui/src/app/nav.test.tsx
+++ b/ui/src/app/nav.test.tsx
@@ -1,11 +1,11 @@
 import { expect, describe, it } from "vitest";
-import {render, fireEvent, screen} from '@testing-library/react'
+import { render, fireEvent, screen } from '@testing-library/react'
 import Navigation from "./nav";
 import { CertificateRequestsTable } from "./certificate_requests/table";
 
 describe('Navigation', () => {
   it('should open aside when clicking button', () => {
-    render(<Navigation><CertificateRequestsTable /></Navigation>)
+    render(<Navigation><CertificateRequestsTable csrs={[]} /></Navigation>)
     const addCSRButton = screen.getByLabelText(/add-csr-button/i)
     expect(screen.getByLabelText(/aside-panel/i).className.endsWith('is-collapsed')).toBe(true)
     fireEvent.click(addCSRButton)
diff --git a/ui/src/app/nav.tsx b/ui/src/app/nav.tsx
index d905608..82bf2d7 100644
--- a/ui/src/app/nav.tsx
+++ b/ui/src/app/nav.tsx
@@ -1,6 +1,7 @@
 "use client"
 
-import { SetStateAction, Dispatch, useState, createContext, useEffect , ChangeEvent} from "react"
+import { SetStateAction, Dispatch, useState, createContext, useEffect, ChangeEvent } from "react"
+import { QueryClient, QueryClientProvider } from "react-query";
 import Image from "next/image";
 
 type AsideContextType = {
@@ -24,10 +25,10 @@ export function Aside({ isOpen, setIsOpen }: { isOpen: boolean, setIsOpen: Dispa
                         setCSRPEMString(e.target.result.toString());
                     }
                 }
-        };
-        reader.readAsText(file);
+            };
+            reader.readAsText(file);
         }
-  };
+    };
     return (
         <aside className={"l-aside" + (isOpen ? "" : " is-collapsed")} id="aside-panel" aria-label="aside-panel">
             <div className="p-panel">
@@ -43,7 +44,7 @@ export function Aside({ isOpen, setIsOpen }: { isOpen: boolean, setIsOpen: Dispa
                             <label htmlFor="textarea">
                                 Enter or upload CSR in PEM format below
                             </label>
-                            <textarea id="csr-textarea" name="textarea" rows={10} placeholder="-----BEGIN CERTIFICATE REQUEST-----" onChange={handleTextChange} value={CSRPEMString}/>
+                            <textarea id="csr-textarea" name="textarea" rows={10} placeholder="-----BEGIN CERTIFICATE REQUEST-----" onChange={handleTextChange} value={CSRPEMString} />
                         </div>
                         <div className="p-form__group row">
                             <input type="file" name="upload" accept=".pem" onChange={handleFileChange}></input>
@@ -61,10 +62,10 @@ export function Aside({ isOpen, setIsOpen }: { isOpen: boolean, setIsOpen: Dispa
 export function SideBar({ sidebarVisible, setSidebarVisible }: { sidebarVisible: boolean, setSidebarVisible: Dispatch<SetStateAction<boolean>> }) {
     const [activeTab, setActiveTab] = useState<string>("");
     useEffect(() => {
-      if (typeof window !== 'undefined') {
-        setActiveTab(location.pathname.split('/')[1]);
-      }
-    }, []); 
+        if (typeof window !== 'undefined') {
+            setActiveTab(location.pathname.split('/')[1]);
+        }
+    }, []);
     return (
         <header className={sidebarVisible ? "l-navigation" : "l-navigation is-collapsed"}>
             <div className="l-navigation__drawer">
@@ -116,20 +117,21 @@ export function TopBar({ setSidebarVisible }: { setSidebarVisible: Dispatch<SetS
 export function Logo() {
     return (
         <div className="logo">
-          <div className="logo-tag">
-            <Image
-              src="https://assets.ubuntu.com/v1/82818827-CoF_white.svg"
-              alt="circle of friends"
-              width={32}
-              height={32}
-              className="logo-image"
-            />
-          </div>
-          <span className="logo-text p-heading--4">GoCert</span>
+            <div className="logo-tag">
+                <Image
+                    src="https://assets.ubuntu.com/v1/82818827-CoF_white.svg"
+                    alt="circle of friends"
+                    width={32}
+                    height={32}
+                    className="logo-image"
+                />
+            </div>
+            <span className="logo-text p-heading--4">GoCert</span>
         </div>
     )
 }
 
+const queryClient = new QueryClient()
 export default function Navigation({
     children,
 }: Readonly<{
@@ -138,15 +140,17 @@ export default function Navigation({
     const [sidebarVisible, setSidebarVisible] = useState<boolean>(true)
     const [asideOpen, setAsideOpen] = useState<boolean>(false)
     return (
-        <div className="l-application" role="presentation">
-            <TopBar setSidebarVisible={setSidebarVisible} />
-            <SideBar sidebarVisible={sidebarVisible} setSidebarVisible={setSidebarVisible} />
-            <main className="l-main">
-                <AsideContext.Provider value={{ isOpen: asideOpen, setIsOpen: setAsideOpen }}>
-                    {children}
-                </AsideContext.Provider>
-            </main>
-            <Aside isOpen={asideOpen} setIsOpen={setAsideOpen} />
-        </div >
+        <QueryClientProvider client={queryClient}>
+            <div className="l-application" role="presentation">
+                <TopBar setSidebarVisible={setSidebarVisible} />
+                <SideBar sidebarVisible={sidebarVisible} setSidebarVisible={setSidebarVisible} />
+                <main className="l-main">
+                    <AsideContext.Provider value={{ isOpen: asideOpen, setIsOpen: setAsideOpen }}>
+                        {children}
+                    </AsideContext.Provider>
+                </main>
+                <Aside isOpen={asideOpen} setIsOpen={setAsideOpen} />
+            </div >
+        </QueryClientProvider>
     )
 }
\ No newline at end of file
diff --git a/ui/src/app/utils.ts b/ui/src/app/utils.ts
new file mode 100644
index 0000000..65977d6
--- /dev/null
+++ b/ui/src/app/utils.ts
@@ -0,0 +1,119 @@
+import { CertificationRequest, Certificate } from "pkijs";
+import { fromBER } from "asn1js";
+
+
+export const oidToName = (oid: string) => {
+    const map: { [key: string]: string } = {
+        // Subject OID's
+        "2.5.4.3": "Common Name",
+        "2.5.4.6": "Country",
+        "2.5.4.7": "Locality",
+        "2.5.4.8": "State or Province",
+        "2.5.4.9": "Street Address",
+        "2.5.4.97": "Organization Identifier",
+        "2.5.4.10": "Organization Name",
+        "2.5.4.11": "Organizational Unit Name",
+        "2.5.4.5": "Serial Number",
+        "2.5.4.4": "Surname",
+        "2.5.4.42": "Given Name",
+        "2.5.4.12": "Title",
+        "2.5.4.43": "Initials",
+        "2.5.4.44": "Generation Qualifier",
+        "2.5.4.45": "X500 Unique Identifier",
+        "2.5.4.46": "Dn Qualifier",
+        "2.5.4.65": "Pseudonym",
+        "0.9.2342.19200300.100.1.1": "User Id",
+        "0.9.2342.19200300.100.1.25": "Domain Component",
+        "1.2.840.113549.1.9.1": "Email Address",
+        "1.3.6.1.4.1.311.60.2.1.3": "Jurisdiction Country-Name",
+        "1.3.6.1.4.1.311.60.2.1.1": "Jurisdiction Locality-Name",
+        "1.3.6.1.4.1.311.60.2.1.2": "Jurisdiction State Or Province Name",
+        "2.5.4.15": "Business Category",
+        "2.5.4.16": "Postal Address",
+        "2.5.4.17": "Postal Code",
+        "1.2.643.3.131.1.1": "Inn",
+        "1.2.643.100.1": "Ogrn",
+        "1.2.643.100.3": "Snils",
+        "1.2.840.113549.1.9.2": "Unstructured Name",
+        // OID for pkcs-9-at-extensionRequest
+        "1.2.840.113549.1.9.14": "Extension Request",
+        // OID for basicConstraint
+        "2.5.29.19": "Basic Constraint"
+    }
+    if (!(oid in map)) {
+        throw new Error("oid not recognized: " + oid)
+    }
+    return map[oid]
+}
+
+export const extractCSR = (csrPemString: string) => {
+    // Decode PEM to DER
+    const pemHeader = "-----BEGIN CERTIFICATE REQUEST-----";
+    const pemFooter = "-----END CERTIFICATE REQUEST-----";
+    const pemContents = csrPemString.substring(pemHeader.length, csrPemString.length - pemFooter.length);
+    const binaryDerString = window.atob(pemContents);
+    const binaryDer = new Uint8Array(binaryDerString.length);
+    for (let i = 0; i < binaryDerString.length; i++) {
+        binaryDer[i] = binaryDerString.charCodeAt(i);
+    }
+
+    // Parse DER encoded CSR
+    const asn1 = fromBER(binaryDer.buffer);
+    if (asn1.offset === -1) {
+        throw new Error("Error parsing certificate request");
+    }
+
+    // Load CSR object
+    const csr = new CertificationRequest({ schema: asn1.result });
+
+    // Extract subject information from CSR
+    const subjects = csr.subject.typesAndValues.map(typeAndValue => ({
+        type: oidToName(typeAndValue.type),
+        value: typeAndValue.value.valueBlock.value
+    }));
+
+    // Look for extensions attribute in CSR
+    const attributes = csr.attributes?.map(typeAndValue => ({
+        type: oidToName(typeAndValue.type),
+        value: typeAndValue.values
+    }))
+    return { subjects }
+}
+
+export const extractCert = (certPemString: string) => {
+    if (certPemString == "" || certPemString == "rejected") { return }
+    // Decode PEM to DER
+    const pemHeader = "-----BEGIN CERTIFICATE-----";
+    const pemFooter = "-----END CERTIFICATE-----";
+    const pemContents = certPemString.substring(pemHeader.length, certPemString.length - pemFooter.length);
+    const binaryDerString = window.atob(pemContents);
+    const binaryDer = new Uint8Array(binaryDerString.length);
+    for (let i = 0; i < binaryDerString.length; i++) {
+        binaryDer[i] = binaryDerString.charCodeAt(i);
+    }
+
+    // Parse DER encoded certificate
+    const asn1 = fromBER(binaryDer.buffer);
+    if (asn1.offset === -1) {
+        throw new Error("Error parsing certificate");
+    }
+
+    // Load Certificate object
+    const cert = new Certificate({ schema: asn1.result });
+
+    // Extract relevant information from certificate
+    const subject = cert.subject.typesAndValues.map(typeAndValue => ({
+        type: typeAndValue.type,
+        value: typeAndValue.value.valueBlock.value
+    }));
+
+    const issuer = cert.issuer.typesAndValues.map(typeAndValue => ({
+        type: typeAndValue.type,
+        value: typeAndValue.value.valueBlock.value
+    }));
+
+    const notBefore = cert.notBefore.value.toString();
+    const notAfter = cert.notAfter.value.toString();
+
+    return { notAfter }
+}
\ No newline at end of file