x509

The recommendation is to set Cache-Control: private, no-store on any endpoint with sensitive information. Because while you can protect the traffic with TLS, you also need to keep sensitive information out of a client's (unencrypted) HTTP cache. I'm not sure how relevant this is to the API context of step-ca though—I've never seen an HTTP client library that caches content. But I guess the poi

Hello

What would you like to be added

Currently the step-cli certificate fingerprint foo.pem command only outputs the fingerprint as a SHA256 hash. It would be convenient to have an option to display a SHA1 fingerprint instead.

Why this is needed

Azure Iot Hub services display the fingerprints as SHA1 hashes on the Azure portal, so it's not easy to compare both types of finge

Please add provider support for the "botan encryption" command and implement the needed AES operations with PKCS#11.
I could not find any command line tool that I can use for that. OpenSSL's PKCS#11 engine does not support AES either.

What version of Go are you using (go version)?

$ go version 1.17

Does this issue reproduce with the latest release?

yes

What version of Go-Guardian are you using ?

Go-Guardian Version: 2.11.4

What did you do?

I configured ldap against a server tha