step ca admin add
Name
step ca admin add -- add an admin to the CA configuration
Usage
step ca admin add <subject> <provisioner> [--super]
[--admin-cert=<file>] [--admin-key=<file>] [--admin-subject=<subject>]
[--admin-provisioner=<name>] [--admin-password-file=<file>]
[--ca-url=<uri>] [--root=<file>] [--context=<name>]
Description
step ca admin add adds an admin to the CA configuration.
Positional arguments
subject
The subject name that must appear in the identifying credential of the admin.
provisioner
The name of the provisioner
Options
--super Give administrator SuperAdmin privileges.
--admin-cert=chain
Admin certificate (chain) in PEM format to store in the 'x5c' header of a JWT.
--admin-key=file
Private key file, used to sign a JWT, corresponding to the admin certificate that will
be stored in the 'x5c' header.
--admin-subject=subject, --admin-name=subject
The admin subject to use for generating admin credentials.
--admin-provisioner=name, --admin-issuer=name
The provisioner name to use for generating admin credentials.
--admin-password-file=file, --password-file=file
The path to the file containing the password to decrypt the one-time token
generating key.
--ca-url=URI
URI of the targeted Step Certificate Authority.
--root=file
The path to the PEM file used as the root certificate authority.
--context=name
The context name to apply for the given command.
Examples
Add regular Admin:
$ step ca admin add max@smallstep.com google
Add SuperAdmin:
$ step ca admin add max@smallstep.com google --super
Introducing
Device Identity
Ensure that only company-owned devices can access your enterprise's most sensitive resources.
