Make --attestation-uri incompatible with --kms by maraino · Pull Request #1516 · smallstep/cli

@maraino

The ACME-DA flow in the `step ca certificate` command expects all KMS parameters
to be provided through the `--attestation-uri` flag. Using the `--kms` flag at the
same time can lead to errors. For example, if the YubiKey PIN is set with the
`--kms` flag, the flow will ignore it and use the default one instead, resulting
in a PIN retry error.

Fixes #1492

@github-actions bot added the `needs triage` (Waiting for discussion / prioritization by team) label on Nov 11, 2025

hslatman