Support Secondary Certificates in IdP Sp connections

[ashhammond]

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

Description

Ping Federate supports the ability for a primary and secondary keypair to be added to a connection. Currently the provider is only supporting management of the primary keypair.

We would like to raise the a feature request for the secondary keypair to be added as a configuration item.

New or Affected Resource(s)

• pingfederate_sp_idp_connection

Potential Terraform Configuration

signing_settings {
      algorithm                    = "SHA256withRSA"
      include_cert_in_signature    = true
      include_raw_key_in_signature = false

      signing_key_pair_ref {
        id = pingfederate_keypair_signing.outbound_saml_sign_primary.id
      }
      secondary_signing_key_pair_ref {
        id = pingfederate_keypair_signing.outbound_saml_sign_secondary.id
      }
    }

References

"signingSettings": {
            "signingKeyPairRef": {
                "id": "wdyeihc67mrs6wnzcswi8msri",
                "location": "https://pf_host/pf-admin-api/v1/keyPairs/signing/wdyeihc67mrs6wnzcswi8msri"
            },
            "alternativeSigningKeyPairRefs": [{
                "id": "bwhyjglxcr771hpudmku83ivj",
                "location": "https://pf_host/pf-admin-api/v1/keyPairs/signing/bwhyjglxcr771hpudmku83ivj"
            }],
            "algorithm": "SHA256withRSA",
            "includeCertInSignature": true,
            "includeRawKeyInSignature": false
        }

• 0000

[iwarapter]

This has been released in v0.2.0