step ca bootstrap – initialize the environment to use the CA commands


step ca bootstrap [–ca-url=uri] [–fingerprint=fingerprint] [–install]


step ca bootstrap downloads the root certificate from the certificate authority and sets up the current environment to use it.

Bootstrap will store the root certificate in $STEPPATH/certs/root_ca.crt and create a configuration file in $STEPPATH/configs/defaults.json with the CA url, the root certificate location and its fingerprint.

After the bootstrap, ca commands do not need to specify the flags –ca-url, –root or –fingerprint if we want to use the same environment.


URI of the targeted Step Certificate Authority.
-f, –force
Force the overwrite of files without asking.
The fingerprint of the targeted root certificate.
Install the root certificate into the system truststore.