How to use SubtleCrypto in chrome (window.crypto.subtle is undefined)

This is really embarassing

on virtually any site on the internet,



SubtleCrypto {}
  __proto__: SubtleCrypto

in the chrome console (v61 (Official Build) (64-bit))

except for

my webpage, and





according to it's a read-only property that should always return a SubtleCrypto object.

what could I have done, or what has done that it could possibly not?

ps: in firefox it seems to work as intended on both my site and



According to the spec (via Github issues) a la this Google page for WebCrypto:

crypto.subtle is supposed to be undefined in insecure contexts


check your URL's

if it is https://localhost:PORT or or

change it to proper hostname URL something like http://localhost:PORT

worked for me! Thanks @Zmart


It would appear you have to use sites with https://...... and not vanilla http://....

From the spec - easy to miss (and linked by Zmart, above):

Access to the WebCrypto API is restricted to secure origins (which is to say https:// pages).


You can use Forge which is a crypto library that has same functionality like window.crypto. It has all crypto algorithms for your needs.

You can use forge instead of window.crypto when you run your services over http.

Be aware that APIs are very different and you need to write different code for cryptography using forge than using window.crypto. You need to read forge docs to make specific cryptography method work for your use case. You CAN NOT use same code that works in window.crypto.subtle when using forge you need to find your own way how to use forge for encryption.

For your reference to see how forge vs window.crypto.subtle codes are different read below.

I have translated window.crypto.subtle based app to use forge.

  • original code with window.crypto.subtle: here

  • code translated to use forge, can run on http without TLS: here


Recent Questions

Top Questions

Home Tags Terms of Service Privacy Policy DMCA Contact Us

©2020 All rights reserved.