Carl Tashian
Carl Tashian
Hi @sergeysedoy97, this feature is not on our short-term road map. The current best option is to run a CA for each intermediate. It's now easier to manage this on...
@sergeysedoy97 You'd need to run multiple instances of `step-ca` on different ports or domains, with different contexts & intermediates.
Hi @sergeysedoy97 and @jenisov, the JWT tokens generated by `step ca token` are short-lived (5 minute expiry) tokens. The design goal is for you to be able to generate the...
@LecrisUT `step-ca` and certificate templates only support X.509 and SSH certificates, and Nebula certificates are not X.509. So, the CA would have to support Nebula's certificate format first. I think...
Hi @spyesx, I was able to reproduce this as well. I think this is docker/compose#3270 in the wild. Because of the volume mount, you may need to add a layer...
Yes, I think we can close this for now and revisit if/when the Compose bug is fixed.
https://www.youtube.com/watch?v=hj7LRuusFqo
@strarsis Thanks for the report. I have a couple questions. 1. Are you able to reach the CA's health check endpoint and get a `{"status":"ok"}` response? The endpoint is `https://ca_host:port/health`...
@strarsis Please provide more details about the environment and steps to reproduce, so we can test this. Thanks
Hi @tomdaley92, The health check just runs `step ca health`, which uses the CA url and fingerprint configured in `/home/step/config/defaults.json` in the container. To get the health check working on...