Development of Web Application for Certificate Automation using Cloudflare DNS API and ZeroSSL

Fredian Simanjuntak; Gary Happydinata`; Herman

Authors

Fredian Simanjuntak Universitas International Batam
Gary Happydinata` Universitas International Batam
Herman Universitas Internasional Batam

Keywords:

SSL Automation, Cloudflare DNS API, ZeroSSL, Agile Scrum, Certificate Lifecycle Management

Abstract

Existing SSL/TLS automation tools were largely server-centric and required host-level configuration. These limitations increased complexity in distributed and multi-domain environments. This study proposed a centralized web-based SSL certificate automation system. The system integrated the Cloudflare DNS API and ZeroSSL REST API for certificate lifecycle management. The research adopted the Agile Scrum methodology during system development. An asynchronous queue-based architecture was implemented to support concurrent certificate issuance. The architecture reduced API rate-limit constraints. Automated Domain Validation (DV) was successfully performed through DNS integration. The system centralized certificate storage and monitoring. The interface simplified administrator operations. Configuration errors were reduced during certificate deployment. Operational efficiency was improved for distributed infrastructures. A usability evaluation was conducted with 25 technical practitioners. The evaluation produced a System Usability Scale mean score of 83.5 with a standard deviation of 6.7. The findings indicated excellent user acceptance and system usability. In conclusion, the proposed system effectively automated SSL certificate management through a centralized and usability-oriented approach. The system also minimized operational overhead and dependency on host-level configuration.

References

Y. Wang et al., “Identifying vulnerabilities of SSL/TLS certificate verification in Android apps with static and dynamic analysis,” J. Syst. Softw., vol. 167, p. 110609, Sep. 2020, doi: 10.1016/j.jss.2020.110609.

Y. Zhu, E. Haihong, and M. Song, “A Scheduling System for Big Data Hybrid Computing Workflow,” in 2020 IEEE 11th International Conference on Software Engineering and Service Science (ICSESS), Beijing, China: IEEE, Oct. 2020, pp. 102–106. doi: 10.1109/ICSESS49938.2020.9237729.

J. Aas et al., “Let’s Encrypt: An Automated Certificate Authority to Encrypt the Entire Web,” in Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security, London United Kingdom: ACM, Nov. 2019, pp. 2473–2487. doi: 10.1145/3319535.3363192.

T. V. Doan, I. Tsareva, and V. Bajpai, “Measuring DNS over TLS from the Edge: Adoption, Reliability, and Response Times,” in Passive and Active Measurement, vol. 12671, O. Hohlfeld, A. Lutu, and D. Levin, Eds., in Lecture Notes in Computer Science, vol. 12671. , Cham: Springer International Publishing, 2021, pp. 192–209. doi: 10.1007/978-3-030-72582-2_12.

H. Lee, D. Kim, and Y. Kwon, “TLS 1.3 in Practice: How TLS 1.3 Contributes to the Internet,” in Proceedings of the Web Conference 2021, Ljubljana Slovenia: ACM, Apr. 2021, pp. 70–79. doi: 10.1145/3442381.3450057.

J. Göppert, A. Walz, and A. Sikora, “A Generic Credential Management Model for Secure Field-Level Communication in IIoT Networks,” IEEE Access, vol. 14, pp. 18799–18811, 2026, doi: 10.1109/ACCESS.2026.3659483.

A. Liu, A. Alqazzaz, H. Ming, and B. Dharmalingam, “Iotverif: Automatic Verification of SSL/TLS Certificate for IoT Applications,” IEEE Access, vol. 9, pp. 27038–27050, 2021, doi: 10.1109/ACCESS.2019.2961918.

J. Astorga, M. Barcelo, A. Urbieta, and E. Jacob, “How to Survive Identity Management in the Industry 4.0 Era,” IEEE Access, vol. 9, pp. 93137–93151, 2021, doi: 10.1109/ACCESS.2021.3092203.

A. L. Rotthaler, H. S. Ramulu, L. Simko, S. Fahl, and Y. Acar, “‘It’s Time. Time for Digital Security.’: An End User Study on Actionable Security and Privacy Advice,” in 2025 IEEE Symposium on Security and Privacy (SP), San Francisco, CA, USA: IEEE, May 2025, pp. 2228–2245. doi: 10.1109/SP61157.2025.00100.

R. Matsumoto, K. Rikitake, and K. Kuribayashi, “Large-scale Certificate Management on Multi-tenant Web Servers,” J. Inf. Process., vol. 27, no. 0, pp. 650–657, 2019, doi: 10.2197/ipsjjip.27.650.

Firkhan Ali Hamid Ali, Mohd Khairul Amin Mohd Sukri, Mohd Zalisham Jali, Muhammad Al-Fatih, and Mohd Azhari Mohd Yusof, “Web-Based Reporting Vulnerabilities System for Cyber Security Maintenance,” J. Adv. Res. Appl. Sci. Eng. Technol., vol. 29, no. 3, pp. 198–205, Feb. 2023, doi: 10.37934/araset.29.3.198205.

Y. Fidaner, A. Coskun, and T. Ergun, “S/MIME Certificate Test Suite,” Eurasia Proc. Sci. Technol. Eng. Math., vol. 24, pp. 83–88, Dec. 2023, doi: 10.55549/epstem.1406237.

D. Aryachandra, I. Fikri Yanto, M. Miftahul Khair, and M. Reza Sah Pahlevi, “Menyembunyikan Alamat IP Webserver dengan Proxy Dns Records Cloudflare,” J. Sos. Teknol., vol. 4, no. 4, pp. 218–226, Apr. 2024, doi: 10.59188/jurnalsostech.v4i4.1221.

F. B. Manolache and O. Rusu, “Automated SSL/TLS Certificate Distribution System,” in 2021 20th RoEduNet Conference: Networking in Education and Research (RoEduNet), Iasi, Romania: IEEE, Nov. 2021, pp. 1–6. doi: 10.1109/RoEduNet54112.2021.9637722.

A. Aksoy, L. Valle, and G. Kar, “Automated Network Incident Identification through Genetic Algorithm-Driven Feature Selection,” Electronics, vol. 13, no. 2, p. 293, Jan. 2024, doi: 10.3390/electronics13020293.

P. S. Yadav, “Automation of Digital Certificate Lifecycle: Improving Efficiency and Security in IT Systems,” J. Math. Comput. Appl., pp. 1–4, Dec. 2022, doi: 10.47363/JMCA/2023(2)E107.

K. E. Ci̇Balik and C. Koçak, “Detection of SSL/TLS Implementation Errors in Android Applications,” Gazi Üniversitesi Fen Bilim. Derg. Part C Tasar. Ve Teknol., vol. 9, no. 2, pp. 211–219, Jun. 2021, doi: 10.29109/gujsc.878053.

P. Gregory, D. E. Strode, H. Sharp, and L. Barroca, “An onboarding model for integrating newcomers into agile project teams,” Inf. Softw. Technol., vol. 143, p. 106792, Mar. 2022, doi: 10.1016/j.infsof.2021.106792.

T. Tuunanen, R. Winter, and J. V. Brocke, “Dealing with Complexity in Design Science Research: A Methodology Using Design Echelons,” MIS Q., vol. 48, no. 2, pp. 427–458, Jun. 2024, doi: 10.25300/MISQ/2023/16700.

M. Göktürk, “An Interface Evaluation Model for Usability and Perceived Security,” IEEE Access, vol. 13, pp. 91989–92007, 2025, doi: 10.1109/ACCESS.2025.3572108.

C. Mou, “DNS is the Internet Pivotal Basics and Fundamental,” Int. J. Adv. Netw. Monit. Controls, vol. 7, no. 2, pp. 11–23, Jan. 2022, doi: 10.2478/ijanmc-2022-0012.

H. Park, K. Lim, D. Kim, D. Yu, and H. Koo, “Demystifying the Regional Phishing Landscape in South Korea,” IEEE Access, vol. 11, pp. 130131–130143, 2023, doi: 10.1109/ACCESS.2023.3333883.

R. Halder, D. Das Roy, and D. Shin, “A Blockchain-Based Decentralized Public Key Infrastructure Using the Web of Trust,” J. Cybersecurity Priv., vol. 4, no. 2, pp. 196–222, Mar. 2024, doi: 10.3390/jcp4020010.

I. F. Ashari, A. J. Aryani, and A. M. Ardhi, “Design and build inventory management information system using the Scrum method,” JSiI J. Sist. Inf., vol. 9, no. 1, pp. 27–35, Mar. 2022, doi: 10.30656/jsii.v9i1.4050.

A. Hounsel, K. Borgolte, P. Schmitt, J. Holland, and N. Feamster, “Comparing the Effects of DNS, DoT, and DoH on Web Performance,” in Proceedings of The Web Conference 2020, Taipei Taiwan: ACM, Apr. 2020, pp. 562–572. doi: 10.1145/3366423.3380139.