Access CA without the use of Tokens #533
Unanswered
prosticoco
asked this question in
Q&A
Replies: 1 comment 5 replies
-
Alternatively, I can use the tokens but I need a way to generate them programmatically |
Beta Was this translation helpful? Give feedback.
5 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Hello, I would like to setup a PKI for an organization which would include multiple CAs (for fine-grained access control reasons) which would be responsible for issuing client-side certificates. Ideally, a client would register by authenticating with user/pwd to a preexisting web server which should then contact the corresponding CA (depending on the user) to issue a certificate.
To this end, I would want to run multiple instances of
step-ca
(all on the same machine as the web server) and be able to access their functionalities (sign,revoke etc..) programmatically from an https go server using the go client wrapper.Ideally, for readibility/cleanliness reasons, I want to avoid using/hardcoding bash commands to set the STEPPATH/ generate Tokens) and would just want to access the CAs using mTLS (for authenticating the client) in go. However, I did not find any documentation for accessing the CAs functionality via https without manually generating tokens using the CLI.
Thank you for your help!
Beta Was this translation helpful? Give feedback.
All reactions