I'm talking about sending the CSR to the server that runs on http.
Bifrost CA server is a plain HTTP server that responds to X.509 Certificate Signing Requests (CSRs) sent via POST requests. The server validates CSRs, signs them, and returns signed certificates to clients.
*PLAIN* http server.
and also mentioning how operators can secure access to the server.
Also it says:
Bifrost recognises clients by their ECDSA P-256 key pairs. A client’s UUID is the hash of the public key and the namespace. The namespace is any UUID that identifies a domain or application.
When you send a CSR, the CSR contains the public key.
and also mentioning how operators can secure access to the server.
Also it says:
When you send a CSR, the CSR contains the public key.You __REALLY__ need to read up on x.509.