step ca provisioner webhook update
Name
step ca provisioner webhook update -- update a webhook attached to a provisioner
Usage
step ca provisioner webhook update <provisioner_name> <webhook_name>
[--url=<url>] [--kind=<kind>] [--bearer-token-file=<filename>]
[--basic-auth-username=<username>] [--basic-auth-password-file=<filename>]
[--disable-tls-client-auth] [--cert-type=<cert-type>]
[--admin-cert=<file>] [--admin-key=<file>] [--admin-subject=<subject>]
[--admin-provisioner=<name>] [--admin-password-file=<file>]
[--ca-url=<uri>] [--root=<file>] [--context=<name>] [--ca-config=<file>]
Description
step ca provisioner webhook update updates a webhook attached to a provisioner.
Positional arguments
provisioner_name
The name of the provisioner.
webhook_name
The name of the webhook.
Options
--url=value
The url of the webhook server.
--kind=value
The kind of webhook. Default is ENRICHING.
--bearer-token-file=value
The token to be set in the Authorization header of the request to the webhook server.
--basic-auth-username=value
The username portion of the Authorization header of the request to the webhook server when using basic authentication.
--basic-auth-password-file=value
The password porition of the Authorization header of the request to the webhook server when using basic authentication.
--disable-tls-client-auth The CA will not send a client certificate when requested by the webhook server.
--cert-type=value
Whether to call this webhook when signing X509 certificates, SSH certificates, or ALL certificates. Default is ALL.
--admin-cert=chain
Admin certificate (chain) in PEM format to store in the 'x5c' header of a JWT.
--admin-key=file
Private key file, used to sign a JWT, corresponding to the admin certificate that will
be stored in the 'x5c' header.
--admin-subject=subject, --admin-name=subject
The admin subject to use for generating admin credentials.
--admin-provisioner=name, --admin-issuer=name
The provisioner name to use for generating admin credentials.
--admin-password-file=file, --password-file=file
The path to the file containing the password to decrypt the one-time token
generating key.
--ca-url=URI
URI of the targeted Step Certificate Authority.
--root=file
The path to the PEM file used as the root certificate authority.
--context=name
The context name to apply for the given command.
--ca-config=file
The certificate authority configuration file. Defaults to
$(step path)/config/ca.json
Examples
Change a webhook's url:
step ca provisioner webhook update my_provisioner my_webhook --url https://example.com
Configure a webhook to send a bearer token to the server:
step ca provisioner webhook update my_provisioner my_webhook --bearer-token-file token.txt
Change the password sent to the webhook with basic authentication:
step ca provisioner webhook update my_provisioner my_webhook --basic-auth-password-file my_pass.txt
Configure the webhook to be called only when signing x509 certificates, not SSH certificates:
step ca provisioner webhook update my_provisioner my_webhook --cert-type X509
Introducing
Managed workloads and devices
Ensure robust security and trust between all managed devices, workloads, and people using short-lived certificates.
