Open dopey opened 2 years ago
We may want to have another look at this.
This issue makes the path to revocation on Certificate Manager more involved, because I can't just revoke using the admin OIDC provisioner, I have to create a JWK provisioner, make a token with step ca token --provisioner jwk
, then revoke the token with step ca revoke --token
.
For example, the OIDC provisioner does not return a token with serial number as subject.
So, either parse different types of tokens correctly, or remove provisioners from list that generate the wrong type of token.