User Tools

Site Tools


hosts:enclave:step-ca

Step CA

Port(s) 443
Publicly Accessible? No
Upstream Step CA

Provides internal certificates through ACME. As our network is trusted, this is mostly unused, and only exists for a few services that refuse to run properly without .

Data directories

  • /var/lib/step-ca/

Here is our CA certificate:

-----BEGIN CERTIFICATE-----
MIIBlzCCAT2gAwIBAgIQEcmEsApMPiF6dPsDH6kTBTAKBggqhkjOPQQDAjAqMQ8w
DQYDVQQKEwZUQVJESVMxFzAVBgNVBAMTDlRBUkRJUyBSb290IENBMB4XDTIyMDky
MzEyNTQ0N1oXDTMyMDkyMDEyNTQ0N1owKjEPMA0GA1UEChMGVEFSRElTMRcwFQYD
VQQDEw5UQVJESVMgUm9vdCBDQTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABK8C
gt7UMC38QlJkUP0kMBKUYaAsURqEDQwWSUO+IfcMDVellwlB/x9vlVadlN7DaWFa
YxV9pZ+Lfa+AfO57JFqjRTBDMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAG
AQH/AgEBMB0GA1UdDgQWBBSNPkp/zPziiJMbV8ePJOw0IdcZETAKBggqhkjOPQQD
AgNIADBFAiEAv/DpsYXAKbgpT2UGavkEqIKkmNk3p4Hp7rQQDb4CihYCIBJg1KHr
NJUNX54vDKcfosJVtz8OwYZSvMdGmdLVlceE
-----END CERTIFICATE-----

Configuration locations

Handled declaratively by Nix

hosts/enclave/step-ca.txt · Last modified: 2022/09/27 00:24 by tcmal