The `step` CLI generates keys client-side, so it's not possible to enforce these defaults on your authority.

Alternatively, it is possible to either set a default --kty in your defaults.json configuration or by setting it as an environment variable.

You can pass flags to step using environment variables, using STEP_<flag>. For example, STEP_KTY=RSA step ca certificate ... is equivalent to step ca certificate ... --kty=RSA. Command flags have precedence over environment variable flags, which in turn have precedence over the values in the configuration file.