Open Source PKI Tutorials

step-ca is an online Certificate Authority (CA) for secure, automated X.509 and SSH certificate management. People use our tooling to automate issuance, renewal, and revocation of certificates for all types of workloads and use cases. This tutorial section highlights many popular deployment scenarios and is designed to help the participant learn by doing. Each activity includes detailed examples and copy/paste code blocks.

In general, these tutorials assume you have initialized and started up a step-ca instance using the steps in Getting Started. As an alternative, you can use our hosted CA, Smallstep Certificate Manager.

Don't Forget Our Blog

We have a great set of reference materials captured in our blog posts. If you are new to PKI, we would recommend starting with Everything you should know about certificates and PKI but are too afraid to ask.

Looking For Something Specific?

We are continually updating our tutorial library and would love to hear what you want to learn next. Visit GitHub Discussions and let us know.