hashicorp / terraform-provider-tls

Utility provider that works with Transport Layer Security keys and certificates. It provides resources that allow private keys, certificates and certificate requests to be created as part of a Terraform deployment.
https://registry.terraform.io/providers/hashicorp/tls/latest
Mozilla Public License 2.0
185 stars 102 forks

add max_path_length in tls_locally_signed_cert #296

Open fsdrw08 opened 1 year ago

fsdrw08 commented 1 year ago

Terraform CLI and Provider Versions

"terraform_version": "1.3.6",

tls = {
  source  = "hashicorp/tls"
  version = ">= 4.0.4"
}

Use Cases or Problem Statement

I am trying to use this tls provider to sign a CSR which was generated for an intermediate CA. I would like to set some x509 v3 extensions of basic constraints during the signing process; max_path_length is a part of it. The max_path_length parameter specifies the maximum number of CAs that can appear below this one in a chain. A max_path_length of zero means the CA cannot sign any sub-CAs, and can only sign end-entity certificates. ref: STANDARD EXTENSIONS

Proposal

Please consider adding a max_path_length attribute for the basic constraints, just like the vault provider's resource pki_secret_backend_root_sign_intermediate.

How much impact is this issue causing?

Medium

Additional Information

No response


taliesins commented 1 year ago

309 closes this
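To illustrate the path length constraint described in the issue, here is an added example (not part of the issue or of the provider's code) that uses Go's standard crypto/x509 to issue an intermediate CA with pathlen:0 and then verifies two leaves: one signed directly by that intermediate, and one signed by a sub-CA beneath it. The helper names and certificate names are constructed for the example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// issue signs a cert for cn with parent (nil = self-signed); pathLen < 0 omits pathLenConstraint. tls.Certificate is only a cert+key holder.
func issue(cn string, parent *tls.Certificate, isCA bool, pathLen int) *tls.Certificate {
	pub, key, _ := ed25519.GenerateKey(rand.Reader)
	serial, _ := rand.Int(rand.Reader, big.NewInt(1<<62))
	usage := map[bool]x509.KeyUsage{true: x509.KeyUsageCertSign, false: x509.KeyUsageDigitalSignature}[isCA]
	tpl := &x509.Certificate{SerialNumber: serial, Subject: pkix.Name{CommonName: cn}, KeyUsage: usage,
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(time.Hour),
		BasicConstraintsValid: true, IsCA: isCA, MaxPathLen: pathLen, MaxPathLenZero: pathLen == 0} // pathlen:0 needs MaxPathLenZero
	if parent == nil {
		parent = &tls.Certificate{Leaf: tpl, PrivateKey: key}
	}
	der, err := x509.CreateCertificate(rand.Reader, tpl, parent.Leaf, pub, parent.PrivateKey)
	if err != nil {
		panic(err)
	}
	cert, _ := x509.ParseCertificate(der) // DER was produced just above
	return &tls.Certificate{Leaf: cert, PrivateKey: key}
}

// demo (constructed names) verifies a leaf issued by the pathlen:0 intermediate and a leaf issued by a sub-CA below it.
func demo() (direct, viaSubCA error) {
	root := issue("root", nil, true, -1)
	inter := issue("intermediate", root, true, 0)
	subCA := issue("sub-CA", inter, true, -1)
	opts := x509.VerifyOptions{Roots: x509.NewCertPool(), Intermediates: x509.NewCertPool(),
		KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageAny}}
	opts.Roots.AddCert(root.Leaf)
	opts.Intermediates.AddCert(inter.Leaf)
	opts.Intermediates.AddCert(subCA.Leaf)
	_, direct = issue("leaf-a", inter, false, -1).Leaf.Verify(opts)
	_, viaSubCA = issue("leaf-b", subCA, false, -1).Leaf.Verify(opts)
	return direct, viaSubCA
}

func main() {
	fmt.Println(demo()) // <nil> x509: too many intermediates for path length constraint
}
```

Signing the sub-CA succeeds because x509.CreateCertificate does not check the issuer's path length; the constraint is enforced when a relying party builds and verifies the chain.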