SSH certificate authority — moved

This page moved to Authentication policy → SSH certificate authority on 2026-05-26.

The configuration surface, write actions, and audit-log namespace are unchanged — the toggle was folded into the Authentication policy page so the SSH-protocol kill switch and the SSH CA configuration live next to each other (since the CA only makes operational sense when SSH is enabled). The standalone tab was retired to reduce admin-sidebar noise.

If you were looking for:

• Configure trusted CA public keys → Authentication policy → SSH certificate authority → Step 2
• Principal policy radios → Step 3
• Require CA-signed certificate toggle → Step 4
• CA rotation procedure → Rotating the CA

Direct /admin/ssh-ca/ URLs (and the older /ssh-ca/ and /ssh-cert-auth/ aliases) redirect to /admin/auth-policy/ via Hugo aliases on the destination page. Bookmarks and external links keep working.

In the admin console, the same redirect applies: <your-org>/_admin/ssh-ca → <your-org>/_admin/auth-policy#authp-ssh-ca.