step is an easy-to-use CLI tool for building, operating, and automating Public Key Infrastructure (PKI) systems and workflows.
It's the client counterpart to the
step-ca online Certificate Authority (CA).
You can use it for many common crypto and X.509 operations—either independently, or with an online CA.
Step CLI's command groups illustrate its wide-ranging uses:
step certificate: Work with X.509 (TLS/HTTPS) certificates.
step crypto: A general-purpose crypto toolkit
step oauth: Add an OAuth 2.0 single sign-on flow to any CLI application.
step crypto jwt verify)
See our installation docs here.
Here's a quick example, combining
step oauth and
step crypto to get and verify the signature of a Google OAuth OIDC token:
stepusers on GitHub Discussions or Discord