``CAU`` is going to be used to execute Certificate Authority for Users, and ``CAS`` for Certificate Authority for SErvices. As server is going to be just running, there is no need for special environment variable.
Let's start a server in separate terminal, which will approve automatically one user certificate -- if you're lucky, it will be yours::
It will return its id and path, so fetch it with the id::
$CAU --mode user --send-csr user/client.csr.pem --get-crt <user-cert-id> user/client.key.pem
Voila, you have your key signed by caucase you started, and you became user of this caucase, so you now have the power to decide which service certificate requests will be granted and which will be rejected.
And now as a service, let's ask caucase for signing::
$CAS --send-csr service/csr.pem
Again remember the id. Let's ask for the certificate immediately::
$CAS --get-crt <service-cert-id> service/crt.pem
The reply is::
<service_id> CSR still pending
You might end up in situation with bad network, so there is nothing wrong with asking the server again to sign the certificate, it will return the same id::
$CAS --send-csr service/csr.pem
Now using user certificate, but in ``--mode service``, which is default, let's see what is to sign::
$CAU --user-key user/client.key.pem --list-csr
You'll see::
-- pending service CSRs --
csr_id | subject preview (fetch csr and check full content !)
