|
2 | 2 | title: Configuring `step-ca` Templates |
3 | 3 | html_title: Configuring open source step-ca Templates |
4 | 4 | description: Learn how to configure step-ca Templates |
5 | | -updated_at: March 24, 2024 |
| 5 | +updated_at: March 25, 2025 |
6 | 6 | --- |
7 | 7 |
|
8 | 8 | People use private CAs for all sorts of things, in many different contexts: |
@@ -222,16 +222,14 @@ Here are some constants available in X.509 certificate templates: |
222 | 222 | - **.Subject**: |
223 | 223 | The subject that was passed in to `step certificate` or `step ca certificate`. Specifically, |
224 | 224 | `.Subject.CommonName` contains the Common Name for the certificate. By default, a passed-in subject |
225 | | - value must match a value from a trusted source in order to be added to the certificate. The |
226 | | - client is only a trusted source if they are an admin using the JWK provisioner. |
| 225 | + value must match a value from a trusted source in order to be added to the certificate. |
227 | 226 |
|
228 | 227 | - **.SANs**: |
229 | 228 | Subject Alternative Names. |
230 | 229 | This is a list of maps containing SANs for the certificate. |
231 | 230 | Unless SANs are specified (using the `--san` flag, for example), |
232 | 231 | the `.Subject.CommonName` is the default SAN. By default, a passed-in subject |
233 | | - value must match a value from a trusted source in order to be added to the certificate. The |
234 | | - client is only a trusted source if they are an admin using the JWK provisioner. |
| 232 | + value must match a value from a trusted source in order to be added to the certificate. |
235 | 233 |
|
236 | 234 | - **.Token**: |
237 | 235 | If a signed token was used to obtain the certificate |
|
0 commit comments