Can I set a default key algorithm per authority/provisioner? :

Can I set a default key algorithm per authority/provisioner? Print

Created by: Hunter Hawke

Modified on: Tue, 28 Jun, 2022 at 1:22 PM

The `step` CLI generates keys client-side, so it's not possible to enforce these defaults on your authority.

Alternatively, it is possible to either set a default --kty in your defaults.json configuration or by setting it as an environment variable.

You can pass flags to step using environment variables, using STEP_<flag>. For example, STEP_KTY=RSA step ca certificate ... is equivalent to step ca certificate ... --kty=RSA. Command flags have precedence over environment variable flags, which in turn have precedence over the values in the configuration file.

Hunter is the author of this solution article.

Did you find it helpful? Yes No

Can I set a default key algorithm per authority/provisioner? Print

Related Articles