Open vaerh opened 1 month ago
1.6.4
4.2.0
1.16.2
resource "vault_pki_secret_backend_root_sign_intermediate"
When the max_path_length = 0 attribute is specified, the certificate is expected to contain the following restriction:
max_path_length = 0
X509v3 Basic Constraints: critical CA:TRUE, pathlen:0
X509v3 Basic Constraints: critical CA:TRUE
No response
# https://developer.hashicorp.com/vault/tutorials/secrets-management/pki-engine#step-2-generate-intermediate-ca resource "vault_pki_secret_backend_root_sign_intermediate" "intermediate" { backend = vault_mount.pki.path common_name = "Intermediate CA" csr = vault_pki_secret_backend_intermediate_cert_request.csr-request.csr format = "pem_bundle" ttl = local.ttl_1y issuer_ref = vault_pki_secret_backend_root_cert.root-ca.issuer_name max_path_length = 0 }
terraform apply
Yes
Terraform Core Version
1.6.4
Terraform Vault Provider Version
4.2.0
Vault Server Version
1.16.2
Affected Resource(s)
resource "vault_pki_secret_backend_root_sign_intermediate"
Expected Behavior
When the
max_path_length = 0
attribute is specified, the certificate is expected to contain the following restriction:Actual Behavior
Relevant Error/Panic Output Snippet
No response
Terraform Configuration Files
Steps to Reproduce
terraform apply
Debug Output
No response
Panic Output
No response
Important Factoids
No response
References
2060
2253
Would you like to implement a fix?
Yes