Closed spbkaizo closed 1 year ago
mysqlscepserver which uses this repo might give some inspiration. Most of it is in depot.go
. To sign stuff in your own way you'll probably want to implement something that satisfies CSRSigner as you pass that off to a new scep service.
However, I would seriously consider looking into step-ca (which supports SCEP).
I'm gonna close this issue as it's more of a discussion type thing. Feel free to join is the #micromdm
channel on the MacAdmins Slack to discuss, though!
Hi,
Can you please provide guidelines and an example of how you may add a new provider to Depot?
I'm trying to extend scepserver so it can be using AWS KMS RSA keys, via PKCS11.
Before I go too far down this attempt, what would you recommend be the implementation approach?