Theron Spiegl
Theron Spiegl
This bug was uncovered by me as I was trying to use the SCEP provisioner to issue certificates through Vault. I'm exploring whether I'd be able to use ACME instead...
From @maraino's description, it sounds like the fix might be relatively straightforward? We're more or less blocked by this so I told the team I'd look into whether I could...
Exciting news, thank you! I will not be able to work on it this week unfortunately.
Hi @hslatman, any updates on this?
Thanks for the heads up. I'm finishing up another project and trying to switch focus back to this. We're eager to get this unblocked, is there anything I can do...
@hslatman I added a few lines to pass the intermediate certificates which has fixed the panic. Now I get an error thrown [here](https://github.com/smallstep/certificates/blob/d34f0f6a973adf989f7d24322ed112d51dc00cc7/authority/authority.go#L690) saying `failed to load softKMS: please define...
After some reckless commenting-out of signer-related code and turning errors into print statements, I've gotten it to where step-ca actually starts with Vault as the RA and the SCEP provisioner...
Okay, unfortunately I don't understand much of that so I guess I have some more code to read. What is the "decrypter approach"? Having a working decrypter but not a...
Thanks for the explanations, that clears up a lot. Had not seen the new flags for creating the SCEP provisioner. Do the RSA key and cert used by the SCEP...
The steps you've described here will still require changes to the codebase though, yes? If I follow the Vault RA and step-ca setup guides, cut an RSA cert from Vault,...