nogweii
commented
4 years ago I haven't tested it, but there is at least one library for manipulating keystores directly in Go: https://github.com/pavel-v-chernykh/keystore-go
Open alanchrt opened 5 years ago
nogweii
commented
4 years ago I haven't tested it, but there is at least one library for manipulating keystores directly in Go: https://github.com/pavel-v-chernykh/keystore-go
dopey
commented
4 years ago Thanks for the tip @evaryont! We probably won't have the bandwidth short term to address this feature. That said, we had the pleasure of working through some keystore issues recently and so we definitely see the value in simplifying those workflows.
If anyone reading this has the time / interest / need, we welcome contributions :) Otherwise, we'll be looking to prioritize this early next year.
TheSecMaven
commented
4 years ago agreed this would be a useful feature, can be done with outside script probably but would increase peoples use of step as an ACME client in the generic sense (not even just for use with the smallstep CA, but for general ACME client use)
isodude
commented
2 years ago This would be awesome! There's a bunch of scripts solving it with keytool, but it's quite fragile.
gangxie112
commented
10 months ago Is there any update? It seems that there is no way for step-ca to add a plugin to implement jks. So, we have to modify the code of the step-ca/step directly, right?
What would you like to be added
Baked-in JKS file creation, like
keytool:https://docs.oracle.com/cd/E19509-01/820-3503/ggfen/index.html
Why this is needed
Some Java software (including Kafka) seem to make use of JKS files for managing certificates and keys.