certificates icon indicating copy to clipboard operation
certificates copied to clipboard

Published 20 hours ago verified publisher icon smallstep

step-pkcs11-init improvements

Open maraino opened this issue 3 years ago • 0 comments
trafficstars

Description

Although step-pkcs11-init is intended as a script that can be modified for specific purposes, it lacks a specific functionality that should be useful, being able to sign an intermediate certificate with a root present on the same module. Currently with --root-gen=false either a CSR is created or the intermediate is signed with a key on disk.

We should also add some extra help and checks to avoid issues like using --root-gen false instead of --root-gen=false, see https://github.com/smallstep/certificates/issues/918

maraino avatar May 04 '22 19:05 maraino