certificates icon indicating copy to clipboard operation
certificates copied to clipboard

Published 20 hours ago verified publisher icon smallstep

RA refactor

Open maraino opened this issue 3 years ago • 0 comments
trafficstars

Description

Instead of using a JWK/X5c provisioner to request the signing of the certificate to the CA, we can implement some kind of authenticated API similar to Google CAS that defines the certificate that we want to sign.

The CA should always have the right to enforce a template, but the RA should be able to suggest one, as well as be able to define the provisioner extension.

We should add support RA support for SSH certificates.

maraino avatar Aug 05 '22 02:08 maraino