Clarify ca.json edit commands

[maraino]

Description

Commands like step ca provisioner add default currently to use the remote configuration, aka adminAPI if the CA configured in your has it enabled. But if we want to edit a local ca.json, the usage is confusing.

This command might not edit myca.json. It will if your defaults.json doesn't point to a CA, or if it does, that CA is not up or doesn't have the adminAPI enabled.

step ca provisioner add --ca-config myca.json --type JWK --create

Currently, --ca-config is always set to $(step path)/config/ca.json. If we remove that default value, we can use edit the local file if --ca-config is passed and attempt remote edit if does not.

Optionally, although I think it will be confusing if the remote configuration is not enabled or the server is not up, we can attempt to edit $(step path)/config/ca.json if available. But that might be more backward compatible.

[tashian]

One workaround for this (until the next cli release) is to set a fake STEPPATH so that defaults.json is not found and no server access is attempted:

STEPPATH=/tmp step ca provisioner add --ca-config ~/.step/config/ca.json --type JWK --create