micromdm / scep

Go SCEP server
MIT License

Implementing PKCS11 #214

Closed spbkaizo closed 1 year ago

spbkaizo commented 1 year ago

Hi,

Can you please provide guidelines and an example of how you may add a new provider to Depot?

I'm trying to extend scepserver so it can use AWS KMS RSA keys, via PKCS11.

Before I go too far down this attempt, what would you recommend as the implementation approach?

jessepeterson commented 1 year ago

mysqlscepserver, which uses this repo, might give some inspiration. Most of it is in depot.go. To sign stuff in your own way you'll probably want to implement something that satisfies CSRSigner as you pass that off to a new scep service.

However, I would seriously consider looking into step-ca (which supports SCEP).
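The custom-signer approach suggested above, shown with the Go standard library only. This is an added example, not code from the thread or from the micromdm/scep repository: `signCSR`, `opaqueKey` and `must` are hypothetical names, the in-memory RSA key is a constructed stand-in for a PKCS#11/KMS-backed `crypto.Signer`, and the function takes a plain `*x509.CertificateRequest` as an assumption rather than the project's own CSRSigner argument type.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

type opaqueKey struct{ crypto.Signer } // constructed stand-in for a PKCS#11/KMS key handle

// signCSR verifies the CSR's self-signature, then signs using only the crypto.Signer interface.
func signCSR(csr *x509.CertificateRequest, ca *x509.Certificate, key crypto.Signer) (*x509.Certificate, error) {
	if err := csr.CheckSignature(); err != nil {
		return nil, fmt.Errorf("rejecting CSR: %w", err)
	}
	serial, err := rand.Int(rand.Reader, new(big.Int).Lsh(big.NewInt(1), 120))
	if err != nil {
		return nil, err
	}
	t := &x509.Certificate{SerialNumber: serial, Subject: csr.Subject, NotBefore: time.Now(), NotAfter: time.Now().AddDate(0, 3, 0),
		KeyUsage: x509.KeyUsageDigitalSignature, ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth}}
	der, err := x509.CreateCertificate(rand.Reader, t, ca, csr.PublicKey, key)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}

func main() {
	key := opaqueKey{must(rsa.GenerateKey(rand.Reader, 2048))} // in production: the HSM/KMS signer
	caT := &x509.Certificate{SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "example CA"}, NotBefore: time.Now(),
		NotAfter: time.Now().AddDate(1, 0, 0), IsCA: true, BasicConstraintsValid: true, KeyUsage: x509.KeyUsageCertSign}
	ca := must(x509.ParseCertificate(must(x509.CreateCertificate(rand.Reader, caT, caT, key.Public(), key))))
	req := &x509.CertificateRequest{Subject: pkix.Name{CommonName: "device-1"}} // constructed sample CSR
	der := must(x509.CreateCertificateRequest(rand.Reader, req, must(rsa.GenerateKey(rand.Reader, 2048))))
	leaf := must(signCSR(must(x509.ParseCertificateRequest(der)), ca, key))
	fmt.Println(leaf.Subject, "chains to CA:", leaf.CheckSignatureFrom(ca) == nil)
}
```

Because the CA key is only ever used through `Public()` and `Sign()`, the private half never has to be loaded into the server process. Enrollment policy (SCEP challenge, allowed subjects) would have to be enforced before this function is called; the example covers only the signing step.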

jessepeterson commented 1 year ago

I'm gonna close this issue as it's more of a discussion type thing. Feel free to join us in the #micromdm channel on the MacAdmins Slack to discuss, though!