Add command to issue context-specific x509 auth #1509

@MaxwellDPS

Hello!

  • Vote on this issue by adding a 👍 reaction
  • If you want to implement this feature, comment to let us know (we'll work with you on design, scheduling, etc.)

Issue details

When using the CLI tool, it can be useful to set STEP_ADMIN_CERT and STEP_ADMIN_KEY, especially when testing.

It would be nice if there was a step command that would do the following steps auto-magically 🪄

  1. Issue a certificate pair for your own email from authority-admin
  2. Set STEP_ADMIN_CERT and STEP_ADMIN_KEY

This would be nice if it respected contexts as well, as those are a PITA to work around when using the env auth.

Why is this needed?

The cert-based env auth is super nice to limit re-issuances during testing, something like the command below allowing the user to set the end time on the auth x509. Then automatically using that cert for auth in that context until it expires (or is revoked).

step ca login --context <CTX> --provisioner <etc> --valid-until <1h> <etc>

step ca logout --context <CTX> # To wrap the revoke and undo actions


Labels: enhancement, needs triage (Waiting for discussion / prioritization by team)
