🛡️ A private certificate authority (X.509 & SSH) & ACME server for secure automated certificate management, so you can use TLS everywhere & SSO for SSH.
If you want to document this feature, comment to let us know (we'll work with you on design, scheduling, etc.)
Affected area/feature
The "The Medium Way" section of the "Create a new Certificate Authority or an intermediate CA from your existing PKI" document boils down to (1) step ca init; (2) delete the root key; (3) replace the root cert and the intermediate cert and key.
Seems like you should also replace the "fingerprint" in defaults.json with that of your existing root? I guess you might not need to, but it would at least be good from the point of view of easing things for clients, no?
Hello!
Affected area/feature
The "The Medium Way" section of the "Create a new Certificate Authority or an intermediate CA from your existing PKI" document boils down to (1) step ca init; (2) delete the root key; (3) replace the root cert and the intermediate cert and key.
Seems like you should also replace the "fingerprint" in defaults.json with that of your existing root? I guess you might not need to, but it would at least be good from the point of view of easing things for clients, no?