step is an easy-to-use CLI tool for building, operating, and automating Public Key Infrastructure (PKI) systems and workflows.
step acts as front-end interface to Certificate Manager and
step-ca, an online X.509 and SSH Certificate Authority (CA).
step is also a standalone, general-purpose PKI toolkit: You can use it for many common crypto and X.509 operations.
If you'd like to use
step-ca, head over to the
step-ca documentation for command usage information and examples.
step has plenty of features that make crypto easier for the casual user.
Here's a few common uses of the
step command that don't require
- Create and work with X.509 certificates
- Get a TLS Certificate From Let's Encrypt
- Generate JSON Web Tokens (JWTs) and JSON Web Keys (JWKs)
- Obtain and Work With OAuth Tokens
- Inspect an SSH certificate
- Sign and encrypt arbitrary data using the NaCl library
- Generate and verify TOTP tokens for multi-factor authentication (MFA)
- Add and remove CA certificates from your system's default trust store