certificates
certificates copied to clipboard
smallstep
🛡️ A private certificate authority (X.509 & SSH) & ACME server for secure automated certificate management, so you can use TLS everywhere & SSO for SSH.
Right now it exits without contacting the CA
FreeBSD uses an rc.d framework for starting up applications. The pidfile is a special case because it is used by the rc system itself. It's used to tell rc how...
I have some pre-setup keys in AWS, I want to use these for smallstep. It appears that step-awskms-init wants to use it's own key names and won't allow me to...
### What would you like to be added It's documented [here](https://smallstep.com/docs/step-ca/basic-certificate-authority-operations#adjust-certificate-lifetimes) how you can adjust the default, min and max durations of the CA, by editing ca.json. It would be...
I have just found that ACME now support S/MIME via [rfc8823](https://datatracker.ietf.org/doc/rfc8823/). While the implementations of this is still ongoing, there is already a client being developed ontop of certbot: [polhenarejos/acme_email](https://github.com/polhenarejos/acme_email)....
### What would you like to be added I would like to be able to restrict the types of keys clients are allowed to submit to the CA for SSH...
### What would you like to be added I'd like to have the option to not have the HSM pin stored in a configuration file, but instead be required to...
Hi, I am posting this here as I think this could interest a lot of people, and I did not find anything regarding this matter in the repository (maybe I...
### Subject of the issue When the initial http-01 challenge is sent to port 80, it is valid to accept redirects. Often, ingress servers are configured to automatically redirect all...
### Revocation of x509 cert by serial does not check the serial number When a certificate is revoked by serial number, the given serial number is added as-is to the...
