|
…
|
||
|---|---|---|
| .. | ||
| DESCR | ||
| PLIST | ||
| README | ||
| step_ca.rc | ||
+-------------------------------------------------------------------------------
| Running ${PKGSTEM} on OpenBSD
+-------------------------------------------------------------------------------
Initialization
==============
Step CA needs to be initialized by the _step-ca user in the
directory ${LOCALSTATEDIR}/step-ca via
# su _step-ca -c "env STEPPATH=${LOCALSTATEDIR}/step-ca step ca init"
Running the service
===================
Step CA needs to be told which config file to load when starting the rcctl
service script by setting the appropriate flags
# rcctl enable step_ca
# rcctl set step_ca flags --config config/ca.json
Add the CA cert to system store
===============================
The default certificate for Step CA is stored in ${LOCALSTATEDIR}/step-ca/certs/root_ca.crt
which should be added to the system by appending it to ${SYSCONFDIR}/ssl/cert.pem
# cat ${LOCALSTATEDIR}/step-ca/certs/root_ca.crt >> ${SYSCONFDIR}/ssl/cert.pem