Keyless signing #865
Description
The goal of this task is to provide a first glipse of keyless signing using a file-based certificate authority to sign certificate requests from the CLI. KMS will come later, but in this issue we want to prioritize the experience and explore the different use cases for Chainloop.
The proposed workflow is:
- user does an
attestation pushwithout providing a key - the CLI generates a CSR and sends it to Chainloop
- Chainloop signs the CSR and returns a full certificate chain for signing
- the CLI signs the attestation and creates a DSSE envelope as usual