Menu
Products
Open Source
- Configure popular ACME clients to use a private CA
- Use Kubernetes cert-manager with
step-ca - Issue X.509 host certificates to cloud VMs
- Issue X.509 user certificates via your identity provider
- Create a CA that uses RSA keys
- Import an existing root or intermediate CA into
step-ca - Use Keycloak to issue SSH certificates with step-ca
- Run an SSH CA and connect to VMs using SSH certificates
- Use AWS to deploy a certificate authority and secure microservices
- Run
step-cain a Docker container - Federate multiple autonomous certificate authorities
Products
Open Source
- Configure popular ACME clients to use a private CA
- Use Kubernetes cert-manager with
step-ca - Issue X.509 host certificates to cloud VMs
- Issue X.509 user certificates via your identity provider
- Create a CA that uses RSA keys
- Import an existing root or intermediate CA into
step-ca - Use Keycloak to issue SSH certificates with step-ca
- Run an SSH CA and connect to VMs using SSH certificates
- Use AWS to deploy a certificate authority and secure microservices
- Run
step-cain a Docker container - Federate multiple autonomous certificate authorities
Installation
It's trivial to install the step-ca binary on your local machine.
Select your operating system or infrastructure:
macOS
Install step and step-ca together, via Homebrew:
brew install step
Linux Packages (amd64)
Debian
Install
stepDownload and install the Debian package for your platform from our latest release:
wget https://dl.step.sm/gh-release/cli/docs-ca-install/v0.20.0/step-cli_0.20.0_amd64.deb sudo dpkg -i step-cli_0.20.0_amd64.debInstall
step-caDownload and install the Debian package for your platform from our latest release:
wget https://dl.step.sm/gh-release/certificates/docs-ca-install/v0.20.0/step-ca_0.20.0_amd64.deb sudo dpkg -i step-ca_0.20.0_amd64.deb
To configure step-ca as a daemon, see our systemd configuration guide.
To uninstall, run dpkg -r step-cli step-ca and remove the configuration directory $HOME/.step.
Arch Linux
There are community-driven Arch Linux packages.
You can use pacman to install the packages.
pacman -S step-cli step-ca
The binary tarballs can be found here:
Big shout out to the maintainers of these packages! We appreciate you.
To uninstall, run pacman -R step-ca step-cli and remove the configuration directory $HOME/.step.
Alpine Linux
There are community driven Alpine Linux Packages for step and step-ca.
Use apk to install step:
apk add step-cli step-certificates
To uninstall, run apk del step-cli step-certificates and remove the $HOME/.step configuration directory.
The binary tarballs can be found here:
Big shout out to the maintainers of these packages! We appreciate you.
NixOS
There are community-maintained packages for NixOS:
FreeBSD
There are community-maintained packages for FreeBSD:
Here's an installation transcript for installing both packages in a FreeBSD jail.
Big shout out to the maintainers of these packages! We appreciate you.
Linux binaries
We distribute pre-compiled binaries for amd64, arm64, armv6, armv7, mips, mips64, ppc64le, and 386. See the latest release page.
Here's how to download and install the step and step-ca binaries on an amd64 machine:
Install
stepDownload and install the Linux tarball from our latest release:
wget -O step.tar.gz https://dl.step.sm/gh-release/cli/docs-ca-install/v0.20.0/step_linux_0.20.0_amd64.tar.gz tar -xf step.tar.gz sudo cp step_0.20.0/bin/step /usr/binInstall
step-caDownload and install the Linux tarball from our latest release:
wget -O step-ca.tar.gz https://dl.step.sm/gh-release/certificates/docs-ca-install/v0.20.0/step-ca_linux_0.20.0_amd64.tar.gz tar -xf step-ca.tar.gz sudo cp step-ca_0.20.0/bin/step-ca /usr/bin
To configure step-ca as a daemon, see our systemd configuration guide.
Kubernetes
We publish helm charts for easy installation on kubernetes:
helm install step-certificates
You can see all the configuration options at https://hub.helm.sh/charts/smallstep/step-certificates.
Docker
We publish docker images for easy container installation.
Test your installation
$ step version
Smallstep CLI/0.10.0 (darwin/amd64)
Release Date: 2019-04-30 19:01 UTC
$ step-ca version
Smallstep CA/0.10.0 (darwin/amd64)
Release Date: 2019-04-30 19:02 UTC
Next Steps
- Learn about the core concepts and design principles behind
step-ca. - Read the Getting Started guide to set up a CA and get your first certificate.
Subscribe to updates
Unsubscribe anytime. See our privacy policy.
© 2022 Smallstep Labs, Inc. All rights reserved.