From 482482e71729e41c22d4d9f731452eae71d5e4d8 Mon Sep 17 00:00:00 2001 From: Carl Tashian Date: Tue, 19 Oct 2021 15:22:30 -0700 Subject: [PATCH] install-step-ra.sh: Don't try to create a JWK provisioner, because the web app's OAuth flow doesn't support OOB with STEP_CONSOLE=true. --- scripts/install-step-ra.sh | 10 +--------- 1 file changed, 1 insertion(+), 9 deletions(-) diff --git a/scripts/install-step-ra.sh b/scripts/install-step-ra.sh index 1920b17d..227af5db 100644 --- a/scripts/install-step-ra.sh +++ b/scripts/install-step-ra.sh @@ -126,25 +126,17 @@ fi echo "Bootstrapping with the CA..." export STEPPATH=$(mktemp -d) -export STEP_CONSOLE=true step ca bootstrap --ca-url $CA_URL --fingerprint $CA_FINGERPRINT if [ -z "$CA_PROVISIONER_NAME" ]; then declare -a provisioners readarray -t provisioners < <(step ca provisioner list | jq -r '.[] | select(.type == "JWK") | .name') - provisioners+=("Create provisioner") printf '%s\n' "${provisioners[@]}" printf "%b" "\nSelect a JWK provisioner:\n" >&2 select provisioner in "${provisioners[@]}"; do - if [ "$provisioner" == "Create provisioner" ]; then - echo "Creating a JWK provisioner on the upstream CA..." - echo "" - read -p "Label your provisioner (e.g. example-ra): " CA_PROVISIONER_NAME < /dev/tty - step beta ca provisioner add $CA_PROVISIONER_NAME --type JWK --create - break - elif [ -n "$provisioner" ]; then + if [ -n "$provisioner" ]; then echo "Using existing provisioner $provisioner." CA_PROVISIONER_NAME=$provisioner break