diff --git a/.github/workflows/deploy-context-dev.yml b/.github/workflows/deploy-context-dev.yml
new file mode 100644
index 00000000..eaa7931c
--- /dev/null
+++ b/.github/workflows/deploy-context-dev.yml
@@ -0,0 +1,46 @@
+name: Deploy context (Dev)
+
+on:
+  workflow_dispatch:
+
+permissions:
+  contents: read
+
+concurrency:
+  group: deploy-context-dev
+  cancel-in-progress: false
+
+jobs:
+  build-and-deploy:
+    name: Build and deploy /context to CloudFront (Dev)
+    runs-on: ubuntu-latest
+    env:
+      S3_BUCKET: ${{ secrets.S3_BUCKET_CONTEXT_DEV }}
+      CF_DISTRIBUTION: ${{ secrets.CLOUDFRONT_DISTRIBUTION_ID_DEV }}
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Build context files
+        run: bash scripts/copy-files.sh
+
+      - name: Configure AWS credentials
+        uses: aws-actions/configure-aws-credentials@v4
+        with:
+          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID_DEV }}
+          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY_DEV }}
+          aws-region: ap-southeast-1
+
+      - name: Sync context JSON to S3
+        run: |
+          aws s3 sync ./public/context "s3://${S3_BUCKET}/context/" \
+            --delete \
+            --content-type "application/json" \
+            --cache-control "public, max-age=31536000, immutable"
+
+      - name: Invalidate CloudFront /context/*
+        run: |
+          aws cloudfront create-invalidation \
+            --distribution-id "${CF_DISTRIBUTION}" \
+            --paths "/context/*"
diff --git a/.github/workflows/deploy-context-prod.yml b/.github/workflows/deploy-context-prod.yml
new file mode 100644
index 00000000..aff6c444
--- /dev/null
+++ b/.github/workflows/deploy-context-prod.yml
@@ -0,0 +1,48 @@
+name: Deploy context (Production)
+
+on:
+  workflow_dispatch:
+
+permissions:
+  contents: read
+
+concurrency:
+  group: deploy-context-prod
+  cancel-in-progress: false
+
+jobs:
+  build-and-deploy:
+    name: Build and deploy /context to CloudFront (Production)
+    runs-on: ubuntu-latest
+    env:
+      S3_BUCKET: ${{ secrets.S3_BUCKET_CONTEXT_PROD }}
+      CF_DISTRIBUTION: ${{ secrets.CLOUDFRONT_DISTRIBUTION_ID_PROD }}
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+        with:
+          ref: main
+
+      - name: Build context files
+        run: bash scripts/copy-files.sh
+
+      - name: Configure AWS credentials
+        uses: aws-actions/configure-aws-credentials@v4
+        with:
+          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+          aws-region: ap-southeast-1
+
+      - name: Sync context JSON to S3
+        run: |
+          aws s3 sync ./public/context "s3://${S3_BUCKET}/context/" \
+            --delete \
+            --content-type "application/json" \
+            --cache-control "public, max-age=31536000, immutable"
+
+      - name: Invalidate CloudFront /context/*
+        run: |
+          aws cloudfront create-invalidation \
+            --distribution-id "${CF_DISTRIBUTION}" \
+            --paths "/context/*"
diff --git a/package-lock.json b/package-lock.json
index 2a342c9a..19274d19 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -33008,13 +33008,13 @@
     },
     "packages/w3c": {
       "name": "@trustvc/w3c",
-      "version": "2.0.1",
+      "version": "2.0.2",
       "license": "Apache-2.0",
       "dependencies": {
-        "@trustvc/w3c-context": "^2.0.1",
-        "@trustvc/w3c-credential-status": "^2.0.1",
-        "@trustvc/w3c-issuer": "^2.0.1",
-        "@trustvc/w3c-vc": "^2.0.1"
+        "@trustvc/w3c-context": "^2.0.2",
+        "@trustvc/w3c-credential-status": "^2.0.2",
+        "@trustvc/w3c-issuer": "^2.0.2",
+        "@trustvc/w3c-vc": "^2.0.2"
       },
       "engines": {
         "node": ">=18.x"
@@ -33022,7 +33022,7 @@
     },
     "packages/w3c-context": {
       "name": "@trustvc/w3c-context",
-      "version": "2.0.1",
+      "version": "2.0.2",
       "license": "Apache-2.0",
       "dependencies": {
         "did-resolver": "^4.1.0",
@@ -33114,11 +33114,11 @@
     },
     "packages/w3c-credential-status": {
       "name": "@trustvc/w3c-credential-status",
-      "version": "2.0.1",
+      "version": "2.0.2",
       "license": "Apache-2.0",
       "dependencies": {
-        "@trustvc/w3c-context": "^2.0.1",
-        "@trustvc/w3c-issuer": "^2.0.1",
+        "@trustvc/w3c-context": "^2.0.2",
+        "@trustvc/w3c-issuer": "^2.0.2",
         "base64url-universal": "^2.0.0",
         "pako": "^2.1.0"
       },
@@ -33128,7 +33128,7 @@
     },
     "packages/w3c-issuer": {
       "name": "@trustvc/w3c-issuer",
-      "version": "2.0.1",
+      "version": "2.0.2",
       "license": "Apache-2.0",
       "dependencies": {
         "@digitalbazaar/bls12-381-multikey": "^2.1.0",
@@ -33145,7 +33145,7 @@
     },
     "packages/w3c-vc": {
       "name": "@trustvc/w3c-vc",
-      "version": "2.0.1",
+      "version": "2.0.2",
       "license": "Apache-2.0",
       "dependencies": {
         "@digitalbazaar/bbs-2023-cryptosuite": "^2.0.1",
@@ -33154,8 +33154,8 @@
         "@digitalbazaar/ecdsa-multikey": "^1.8.0",
         "@digitalbazaar/ecdsa-sd-2023-cryptosuite": "^3.4.1",
         "@mattrglobal/jsonld-signatures-bbs": "^1.2.0",
-        "@trustvc/w3c-credential-status": "^2.0.1",
-        "@trustvc/w3c-issuer": "^2.0.1",
+        "@trustvc/w3c-credential-status": "^2.0.2",
+        "@trustvc/w3c-issuer": "^2.0.2",
         "base64url-universal": "^2.0.0",
         "cbor": "^9.0.2",
         "did-resolver": "^4.1.0",
diff --git a/package.json b/package.json
index b4fa99d3..2f0bced0 100644
--- a/package.json
+++ b/package.json
@@ -15,7 +15,6 @@
     "lint": "nx run-many --target=lint",
     "lint:fix": "nx run-many --target=lint --fix",
     "build": "nx run-many --target=build",
-    "copy-files": "bash ./scripts/copy-files.sh",
     "clean": "nx clear-cache && nx run-many --target=clean",
     "dev": "nx run-many --target=dev",
     "precommit": "lint-staged",
diff --git a/packages/w3c-context/README.md b/packages/w3c-context/README.md
index b8ca512b..e7e390a7 100644
--- a/packages/w3c-context/README.md
+++ b/packages/w3c-context/README.md
@@ -72,6 +72,7 @@ The package includes the following pre-cached contexts:
 - `https://trustvc.io/context/render-method-context.json` - Render Methods
 - `https://trustvc.io/context/attachments-context.json` - Attachments
 - `https://trustvc.io/context/qrcode-context.json` - QR Code
+- `https://trustvc.io/context/opencerts-context.json` - OpenCerts Certificate
 - `https://trustvc.io/context/bill-of-lading.json` - Bill of Lading
 - `https://trustvc.io/context/bill-of-lading-carrier.json` - Bill of Lading Carrier
 - `https://trustvc.io/context/coo.json` - Certificate of Origin
diff --git a/packages/w3c-context/src/context/opencerts-demo-context.json b/packages/w3c-context/src/context/opencerts-demo-context.json
new file mode 100644
index 00000000..49b80580
--- /dev/null
+++ b/packages/w3c-context/src/context/opencerts-demo-context.json
@@ -0,0 +1,29 @@
+{
+  "@context": {
+    "@version": 1.1,
+    "@protected": true,
+    "OpenCertsCertificate": "https://example.com/#OpenCertsCertificate",
+    "name": "https://schema.org/name",
+    "description": "https://schema.org/description",
+    "issuedOn": "https://schema.org/dateIssued",
+    "admissionDate": "https://example.com/#admissionDate",
+    "graduationDate": "https://example.com/#graduationDate",
+    "recipient": "https://example.com/#recipient",
+    "nric": "https://example.com/#nric",
+    "course": "https://schema.org/course",
+    "transcript": "https://example.com/#transcript",
+    "grade": "https://example.com/#grade",
+    "courseCredit": "https://example.com/#courseCredit",
+    "courseCode": "https://example.com/#courseCode",
+    "examinationDate": "https://example.com/#examinationDate",
+    "semester": "https://example.com/#semester",
+    "additionalData": "https://example.com/#additionalData",
+    "merit": "https://example.com/#merit",
+    "studentId": "https://example.com/#studentId",
+    "transcriptId": "https://example.com/#transcriptId",
+    "certSignatories": "https://example.com/#certSignatories",
+    "signature": "https://example.com/#signature",
+    "position": "https://schema.org/jobTitle",
+    "organisation": "https://example.com/#organisation"
+  }
+}
diff --git a/packages/w3c-context/src/lib/index.ts b/packages/w3c-context/src/lib/index.ts
index 54ae1570..aabc8a90 100644
--- a/packages/w3c-context/src/lib/index.ts
+++ b/packages/w3c-context/src/lib/index.ts
@@ -16,6 +16,7 @@ import jwsV1 from '../context/jws-2020-v1.json';
 import multikeyV1 from '../context/multikey-v1.json';
 import promissoryNoteContext from '../context/promissory-note.json';
 import qrCodeContext from '../context/qrcode-context.json';
+import opencertsContext from '../context/opencerts-demo-context.json';
 import renderContext from '../context/render-method-context.json';
 import renderContextV2 from '../context/render-method-context-v2.json';
 import statusList2021V1 from '../context/status-list-2021-v1.json';
@@ -38,6 +39,7 @@ export const RENDER_CONTEXT_URL = 'https://trustvc.io/context/render-method-cont
 export const RENDER_CONTEXT_V2_URL = 'https://trustvc.io/context/render-method-context-v2.json';
 export const ATTACHMENTS_CONTEXT_URL = 'https://trustvc.io/context/attachments-context.json';
 export const QRCODE_CONTEXT_URL = 'https://trustvc.io/context/qrcode-context.json';
+export const OPENCERTS_CONTEXT_URL = 'https://trustvc.io/context/opencerts-context.json';
 
 export const BOL_CONTEXT_URL = 'https://trustvc.io/context/bill-of-lading.json';
 export const BOLC_CONTEXT_URL = 'https://trustvc.io/context/bill-of-lading-carrier.json';
@@ -85,6 +87,7 @@ export const templateContexts: { [key: string]: Document } = {
   [INVOICE_CONTEXT_URL]: invoiceContext,
   [PROMISSORY_NOTE_CONTEXT_URL]: promissoryNoteContext,
   [WAREHOUSE_RECEIPT_CONTEXT_URL]: warehouseReceiptContext,
+  [OPENCERTS_CONTEXT_URL]: opencertsContext,
 };
 
 export const CredentialContextVersion = {
diff --git a/scripts/copy-files.sh b/scripts/copy-files.sh
index ba0ce714..dee0f885 100644
--- a/scripts/copy-files.sh
+++ b/scripts/copy-files.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 
-### THIS SCRIPT IS NEEDED TO HOST THE CONTEXT FILES ON "https://trustvc.io/context/<file-name>" THROUGH NETLIFY
+### THIS SCRIPT STAGES THE CONTEXT FILES IN ./public/context FOR DEPLOYMENT TO S3 + CLOUDFRONT
 
 # Define the source and destination directories
 SOURCE_DIR="./packages/w3c-context/src/context"
@@ -13,17 +13,24 @@ rm -rf ./public
 mkdir -p "$DEST_DIR"
 
 # List of files to copy
-FILES=("attachments-context.json" "bill-of-lading.json" "bill-of-lading-carrier.json" "coo.json" "invoice.json" "promissory-note.json" "qrcode-context.json" "render-method-context.json" "transferable-records-context.json" "warehouse-receipt.json")
+FILES=(
+  "attachments-context.json"
+  "bill-of-lading.json"
+  "bill-of-lading-carrier.json"
+  "coo.json"
+  "invoice.json"
+  "opencerts-demo-context.json"
+  "promissory-note.json"
+  "qrcode-context.json"
+  "render-method-context.json"
+  "transferable-records-context.json"
+  "warehouse-receipt.json"
+)
 
 # Copy each file
 for FILE in "${FILES[@]}"; do
   cp "$SOURCE_DIR/$FILE" "$DEST_DIR/"
 done
 
-echo "[[headers]]
-  for = \"/*\"
-  [headers.values]
-    Access-Control-Allow-Origin = \"*\"" > ./public/netlify.toml
-
 # Optional: output a message when done
 echo "Files have been copied to $DEST_DIR"