Issue certificates directly to a Yubikey
Edited
In addition to having the step CLI installed locally, you'll need to manually install open source step-kms-plugin. This plugin will be required to interface with your Yubikey. From there, you may use the following process to issue certificates:
step kms create 'yubikey:slot-id=9a' --kms 'yubikey:' step certificate create --csr --kms 'yubikey:' --key '9a' <subject> [<--san <san-value>] <csr-filename> step ca sign <csr-filename> <crt-filename> step kms certificate --import <crt-filename> 'yubikey:slot-id=9a'Was this article helpful?
Sorry about that! Care to tell us more?