# step-ca

step-ca ready to go for your internal network.

this project was set up for use with nginx-proxy in a local network environment to run several services with hopefully network-wide trusted certificates.

# configuration

there's not much to configure with step-ca. to set up a new `.env` file you can either run the `setup.sh` script or just copy the `env.sample` file to `.env` and configure the values the way you like. if you do the configuration manually, don't forget to create the data directory.

the default port is 9000 and does not have to be changed unless that port is already in use on your system.

all the rest is default step-ca configuration (see the [docs](https://smallstep.com/docs/step-ca/)).

# initialization

after running the container you may want to enable acme, as it is not enabled by default. just run the following command:

```sh
docker compose exec step-ca step ca provisioner add acme --type ACME
```

or connect to a container shell and run the command there.

after that you should be able to use your own ca with an acme client.

details: https://smallstep.com/docs/step-ca/provisioners#acme
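
an acme client needs the ca's directory url, which step-ca serves at `/acme/<provisioner-name>/directory`. the script below is an added example (not part of this project) that derives those urls from a `ca.json` and returns nothing when no acme provisioner exists yet. the sample config is constructed, and it assumes provisioners are stored in `ca.json` and that the published port equals the ca's listen port.

```python
import json
from urllib.parse import quote

# constructed sample of ca.json after the acme provisioner was added
# (key names follow step-ca's config file; the values are made up)
SAMPLE_CA_JSON = """
{
  "address": ":9000",
  "dnsNames": ["ca.home.lan", "localhost"],
  "authority": {
    "provisioners": [
      {"type": "JWK", "name": "admin"},
      {"type": "ACME", "name": "acme"}
    ]
  }
}
"""


def acme_directory_urls(ca_json_text):
    """Return the ACME directory URL for every dnsName / ACME provisioner pair.

    An empty list means no ACME provisioner exists yet, which is the state
    of a fresh step-ca before `step ca provisioner add` has been run.
    """
    cfg = json.loads(ca_json_text)
    # "address" is "host:port" or ":port"; only the port is needed
    port = cfg.get("address", ":443").rsplit(":", 1)[-1]
    suffix = "" if port == "443" else ":" + port
    provisioners = cfg.get("authority", {}).get("provisioners") or []
    names = [p["name"] for p in provisioners
             if str(p.get("type", "")).upper() == "ACME"]
    return [f"https://{host}{suffix}/acme/{quote(name, safe='')}/directory"
            for host in cfg.get("dnsNames", [])
            for name in names]


if __name__ == "__main__":
    urls = acme_directory_urls(SAMPLE_CA_JSON)
    if not urls:
        print("no acme provisioner configured, acme clients cannot enroll")
    for url in urls:
        print(url)
```

the acme client also has to trust the ca's root certificate, otherwise the tls connection to these urls fails verification.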

# links

* [step-ca docs](https://smallstep.com/docs/step-ca/)
* [docker tls ca](https://smallstep.com/docs/tutorials/docker-tls-certificate-authority)
* [github](https://github.com/smallstep/certificates)

2022-11-04

dede