← Back to context

Comment by Thom2000

1 day ago

Sadly most tools still doesn't support it: https://github.com/cert-manager/cert-manager/issues/8373#iss...

And then the issue is protecting the private key of the issuer and monitoring certificates (it's a good idea to do that anyway).

One of the draft authors is already working on a cert-manager implementation. I'm optimistic it'll make it into cert-manager once the spec is ready and CAs actually start to implement it.