step ca root
Name
step ca root -- download and validate the root certificate
Usage
step ca root [<root-file>]
[--ca-url=<uri>] [--fingerprint=<fingerprint>] [--context=<name>]
Description
step ca root downloads and validates the root certificate from the certificate authority.
Positional arguments
root-file
File to write root certificate (PEM format)
Options
-f, --force Force the overwrite of files without asking.
--fingerprint=fingerprint
The fingerprint of the targeted root certificate.
--ca-url=URI
URI of the targeted Step Certificate Authority.
--context=name
The context name to apply for the given command.
Examples
Get the root fingerprint in the CA:
$ step certificate fingerprint /path/to/root_ca.crt
0d7d3834cf187726cf331c40a31aa7ef6b29ba4df601416c9788f6ee01058cf3
Download the root certificate from the configured certificate authority:
$ step ca root root_ca.crt \
--fingerprint 0d7d3834cf187726cf331c40a31aa7ef6b29ba4df601416c9788f6ee01058cf3
Download the root certificate using a given certificate authority:
$ step ca root root_ca.crt \
--ca-url https://ca.smallstep.com:9000 \
--fingerprint 0d7d3834cf187726cf331c40a31aa7ef6b29ba4df601416c9788f6ee01058cf3
Print the root certificate using the flags set by step ca bootstrap:
$ step ca root
Introducing
Managed workloads and devices
Ensure robust security and trust between all managed devices, workloads, and people using short-lived certificates.
