cli icon indicating copy to clipboard operation
cli copied to clipboard

Published 20 hours ago verified publisher icon smallstep

[docs]: usage of 'ca token' unclear

Open philfry opened this issue 8 months ago • 0 comments

Hello!

  • Vote on this issue by adding a 👍 reaction
  • If you want to document this feature, comment to let us know (we'll work with you on design, scheduling, etc.)

Affected area/feature

Re: step ca token

(1) The help text states that --not-after and --not-before are used for the certificate validity. After (running into this and) looking into command/ca/token.go I found that these flags are for the token validity, not the certificate.

(2) --cert-not-after and --cert-not-before are described as This flag is only supported on SSH certificates. But I found no evidence in command/ca/token.go or in utils/cautils that this is true – it seems to work both for ssh and non-ssh tokens. Also, if it only applied to ssh certs, dedicated non-ssh cert options would be missing.

philfry avatar Nov 16 '23 10:11 philfry