Replies: 2 comments 6 replies
-
All our code is in Go, It might be able to compile the required packages as a C shared library, but I think it's probably better and simpler to use libraries in C++, for example, you will need one to sign JWT, one HTTP client that post to /sign with a given CSR and the signed token, you will need of course to be able to read JSON, and of course generate the CSR and a key, you might be able also to pass this as parameters.
No, each online CA will have a different way to sign a certificate. |
Beta Was this translation helpful? Give feedback.
-
@LecrisUT I've just learned about this client in rust https://github.com/Bluestone/tinystep, I don't know of which features it supports, but it might be easier to integrate a C++ app with this. |
Beta Was this translation helpful? Give feedback.
-
I am having an ambition to create some interoperability between step (and if possible other client certificate issuers) and keepass databases. The main goal is to have the keepass client when unlocked check the stored certificate, and if expired go to the CA and get a new one and store it in the database. That way only when you have the master password, would you be able to renew the certificate, and with the low life-time of step-ca certificates it makes a great combo.
As for the implementation, I could use some insight and advice:
Beta Was this translation helpful? Give feedback.
All reactions