Open Source

The step CLI tool is the easiest way to initialize, configure, and control step-ca. While step is not technically required to run step-ca, it is very much recommended.

Debian

Install step

Download and install the Debian package for your platform from our latest release:

wget https://dl.step.sm/gh-release/cli/docs-ca-install/v0.21.0/step-cli_0.21.0_amd64.deb
sudo dpkg -i step-cli_0.21.0_amd64.deb

Install step-ca

Download and install the Debian package for your platform from our latest release:

wget https://dl.step.sm/gh-release/certificates/docs-ca-install/v0.21.0/step-ca_0.21.0_amd64.deb
sudo dpkg -i step-ca_0.21.0_amd64.deb

To configure step-ca as a daemon, see our systemd configuration guide.

To uninstall, run dpkg -r step-cli step-ca and remove the configuration directory $HOME/.step.

Arch Linux

There are community-driven Arch Linux packages.

You can use pacman to install the packages.

pacman -S step-cli step-ca

The binary tarballs can be found here:

step-ca

step-cli

Big shout out to the maintainers of these packages! We appreciate you.

To uninstall, run pacman -R step-ca step-cli and remove the configuration directory $HOME/.step.

Alpine Linux

This package is in a testing repository.

To install it, you'll need to append http://dl-cdn.alpinelinux.org/alpine/edge/testing to /etc/apk/repositories. Alternatively, see Linux (other).

There are community driven Alpine Linux Packages for step and step-ca.

Use apk to install step:

apk add step-cli step-certificates

To uninstall, run apk del step-cli step-certificates and remove the $HOME/.step configuration directory.

The binary tarballs can be found here:

step-cli

step-certificates

Big shout out to the maintainers of these packages! We appreciate you.

NixOS

There are community-maintained packages for NixOS:

step-ca

step-cli

FreeBSD

There are community-maintained packages for FreeBSD:

step-certificates

step-cli

Here's an installation transcript for installing both packages in a FreeBSD jail.

Big shout out to the maintainers of these packages! We appreciate you.

Linux binaries

We distribute pre-compiled binaries for amd64, arm64, armv6, armv7, mips, mips64, ppc64le, and 386. See the latest release page.

Here's how to download and install the step and step-ca binaries on an amd64 machine:

Install step

Download and install the Linux tarball from our latest release:

wget -O step.tar.gz https://dl.step.sm/gh-release/cli/docs-ca-install/v0.21.0/step_linux_0.21.0_amd64.tar.gz
tar -xf step.tar.gz
sudo cp step_0.21.0/bin/step /usr/bin

Install step-ca

Download and install the Linux tarball from our latest release:

wget -O step-ca.tar.gz https://dl.step.sm/gh-release/certificates/docs-ca-install/v0.21.0/step-ca_linux_0.21.0_amd64.tar.gz
tar -xf step-ca.tar.gz
sudo cp step-ca_0.21.0/bin/step-ca /usr/bin

To configure step-ca as a daemon, see our systemd configuration guide.

Kubernetes

We publish helm charts for easy installation on kubernetes:

helm install step-certificates

You can see all the configuration options at https://hub.helm.sh/charts/smallstep/step-certificates.

Autocert

If you're using Kubernetes, make sure you check out autocert: a kubernetes add-on that builds on step-ca to automatically inject TLS/HTTPS certificates into your containers.

Docker

We publish docker images for easy container installation.

Test your installation

$ step version
Smallstep CLI/0.10.0 (darwin/amd64)
Release Date: 2019-04-30 19:01 UTC

$ step-ca version
Smallstep CA/0.10.0 (darwin/amd64)
Release Date: 2019-04-30 19:02 UTC