certificates
certificates copied to clipboard
smallstep
🛡️ A private certificate authority (X.509 & SSH) & ACME server for secure automated certificate management, so you can use TLS everywhere & SSO for SSH.
### Steps to Reproduce When trying to create a certificate, I need to enter the password. This was generated before by step-ca and looks like this: `OF'Wix)Z_Y1"Z'G[OL|vB9
### Steps to Reproduce Add a provisioner with a Key ID that has a `-` character at the start. I'm not sure how many generations of provisioner keys this may...
## Hello! - Vote on this issue by adding a 👍 reaction - If you want to implement this feature, comment to let us know (we'll work with you on...
## Hello! - Vote on this issue by adding a 👍 reaction - If you want to implement this feature, comment to let us know (we'll work with you on...
### Description With the support of SSH user certificates in the GCP provisioner, PR https://github.com/smallstep/certificates/pull/1558, we might want to add two new claims to turn off SSH user or host...
### Description When `step-ca` is backed by a database and the first SCEP provisioner is added, the CA needs to be restarted to create the SCEP authority. We should create...
## Hello! - Vote on this issue by adding a 👍 reaction - If you want to implement this feature, comment to let us know (we'll work with you on...
### Steps to Reproduce - Create a boilerplate CA - Modify the `"crt"` and/or `"key"` values using an environment variable, such as `${STEPPATH}` - Start `step-ca` ### Your Environment *...
The certificate will stop being valid as soon as the first certificate in the chain expires. However, if a user is running a `needs-renewal` check against only the leaf certificate...
Right now you have to use the DNS policy type if you want an allow/deny policy for YubiKey serial numbers or other hardware identifiers. It just happens to be DNS...
