Discover Packages
github.com/smallstep/cli
module
Version:
v0.15.17-rc3.crt-mgr
Opens a new window with list of versions in this module.
Published: Jun 3, 2021
License: Apache-2.0
Opens a new window with license information.
README
README
¶
Step CLI
step
is a toolkit for working with your public key infrastructure (PKI).
It's also the client counterpart to the step-ca
online Certificate Authority (CA).
Here's a quick example, combining step oauth
and step crypto
to get and verify the signature of a Google OAuth OIDC token:
Questions? Ask us on GitHub Discussions or Gitter .
Website |
Documentation |
Installation |
Getting Started |
Contributor's Guide
Features
Step CLI's command groups illustrate some of its uses:
step certificate
: Work with X.509 (TLS/HTTPS) certificates.
Create, revoke, validate, lint, and bundle X.509 certificates.
Install (and remove) X.509 certificates into your system's (and brower's) trust store.
Create key pairs (RSA, ECDSA, EdDSA) and certificate signing requests (CSRs)
Sign CSRs
Create RFC5280 and CA/Browser Forum -compliant certificates that work for TLS and HTTPS
Create CA certificates (root and intermediate signing certificates)
Create self-signed & CA-signed certificates
Inspect and lint certificates on disk or in use by a remote server
Install root certificates so your CA is trusted by default (issue development certificates that work in browsers )
step ca
: Set up your own CA, or make requests of any ACMEv2 (RFC8555 ) CA, including step-ca
. ACME is the protocol used by Let's Encrypt to automate the issuance of HTTPS certificates.
step crypto
: A general-purpose crypto toolkit
step oauth
: Add an OAuth 2.0 single sign-on flow to any CLI application.
Supports OAuth authorization code, out-of-band (OOB), JWT bearer, and refresh token flows
Get OAuth access tokens and OIDC identity tokens at the command line from any provider.
Verify OIDC identity tokens (step crypto jwt verify
)
step ssh
: Create and manage SSH certificates (requires an online or offline step-ca
instance)
Generate SSH user and host key pairs and short-lived certificates
Add and remove certificates to the SSH agent
Inspect SSH certificates
Login and use single sign-on SSH
Installation
See our installation docs here .
Further Reading
Expand ▾
Collapse ▴
Click to show internal directories.
Click to hide internal directories.