Max

@maraino You hit all the points that I wanted to suggest. Mainly that starting from scratch is not a bad option if you're not heavily relying on passive revocation. In...

Hey @hlobit while that process may work, hold on before you go into it. I think it may be easier to just go in and delete the tables that you...

```package main import ( "fmt" "os" "github.com/smallstep/nosql" ) var tables = []string{ "used_ott", "revoked_x509_certs", "x509_certs", //"acme_accounts", //"acme_keyID_accountID_index", "acme_authzs", "acme_challenges", "nonces", "acme_orders", "acme_account_orders_index", "acme_certs", } func main() { db, err :=...

Hey @hlobit, what version of Badger are you running? Looks like it may be V2. If so, then you should be able to install the badger cmd line tool and...

Hey @kbabioch this is a great idea. Distribution can be a bit of a struggle but this seems like an easy win for operators.

A temporary workaround here would be to use the default PKI when starting up the CA. Then create a new admin using `step ca admin add`, and use a name...

We're treating the current behavior as a "feature". You should be able to revoke certificates that are not in the DB in case the DB was lost or deleted but...

Hey @sebastien-baillet, thanks for opening the issue! This is a great point, although I would not necessarily call it a "bug" (I won't relabel for now though). Yes, you can...

Now, having said that, It would certainly be nice to catch this at signing time so users don't shoot themselves in the foot. Just not sure what the expected behavior...

Hey @nneul thanks for opening the issue! We've added to our internal roadmap - will let you know if/when there are status changes. Would love to know if there's more...