Add ability to list/download all unrevoked signed certificates

[liujed]

What would you like to be added

Please add the ability to list or download all unrevoked signed certificates from a step-ca instance.

Why this is needed

Right now, it feels like step-ca is a bit of a blackhole. It happily signs certificates, but there is no good way of seeing what certificates are out there are still valid or what's about to expire. It would be nice to be able to get this information without having to go through the entire history of logs.

[dopey]

Hey @liujed thanks for opening up this issue.

Related to #239 and #282.

The short story is that we're actively working on this. We're building a frontend for the hosted version of step-ca (essentially just us running the open source for users) that will have certificate observability features that will allow users to list, query, and alert on various certificate features. In short order we'll release a feature that allows users running the open source to connect their CAs to our frontend dashboard.

In doing this work for the product, we've written a sql backend for the db which will be merged into the open source soon. This will enable you to query the certificates table with all the features of SQL.

Let us know if you have suggestions / recommendations for features of this cert-observability tooling that you'd like to see. And definitely if you have thoughts on what migration should look like (most users are probably running the default Badger DB which will need to be migrated to take advantage of these features).

[TheSecMaven]

Hey, any progress on this? We have a use case for this, willing to contribute. Let me know!