-
Notifications
You must be signed in to change notification settings - Fork 96
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
DXE-1925 what value we can use for certificate_chain_type #351
Comments
Hi @janezhen08, Thank you for reaching out to us. We checked with our functional team and got the below response for your query:
There is an API to see the available trust chains by CA. The only one with values is Let's Encrypt. /trust-chains/le is the endpoint. Response looks like this:
I hope this answers your query. Let me know in case you have any other questions. Regards, |
Hi Piyush, Thanks for working on this, i have tested using value: dst-root-ca-x3, in terraform code, i use certificate_chain_type = "dst-root-ca-x3" but get below error: │ Error: create enrollment: API error: Could you advise? thanks Jane |
Hi @janezhen08, The attribute is actually "preferredTrustChain" not "certificateChainType". Can you try by passing the value to it? Regards, |
Hi Piyush, I tried this param: preferred_trust_chain = "dst-root-ca-x3", it is unexpected. ╷ I checked in this repo, and found the expected argument is certificate_chain_type. thanks Jane |
Hi @janezhen08, My apologies for the delayed response, unfortunately this parameter was not added to our terraform provider (and Edgrgrid-golang). You can check the utilization of it here https://techdocs.akamai.com/cps/reference/post-enrollment. For now, I will create an internal feature request for this field and have it added. As a workaround for now, I am afraid we don't have a solution in terraform, but you may use the API call or Akamai-CLI in your automations as a short term fix. We will keep this issue tracked and updated while working on it. If you have any other questions, please feel free to discuss. Regards, |
Also you can check for the possible acceptable values for different fields on the same API link just in case |
Hi, So, what are the allowed values for the certificate_chain_type Terraform Argument? The example shows it being set to "default" though I can't find allowed values anywhere. The CPS API docs don't even mention a certificate chain type, only a certificate type, which is set by the Resource. I am working on providing a description for this field and field validation in our automation and thus need to know what its value is used for and what the allowed values are. Thanks, Tom |
Hi @hypnotisttom, Actually there was a bug in document due to which some fields went missing. We have fixed it and you can check the acceptable values there. I will be closing this issue now as it was related with adding a new field to terraform (preferred_trust_chain) which is now fixed with the latest release. In case you have any other doubts or questions, please feel free to open a new request with us. Regards, |
Hello @janezhen08 Best regards, |
Thanks, have verified, it is working now. |
Which doc, @kaush- ? The https://registry.terraform.io/providers/akamai/akamai/latest/docs/resources/cps_dv_enrollment is still only showing this: Tom |
It's in the tech doc for the APIs @hypnotisttom. You can find them here https://techdocs.akamai.com/cps/reference/post-enrollment |
Hello Team,
I am using akamai provider to create dv certificate and i would like to use "R3 + ISRG Root X1 (signed by DST Root CA X3)" as certificate_chain_type, but when running terraform apply, it reports error:
cps/v2/error-types/invalid-certificate-chain-type
statusCode: 400
Please advise what value should be set in certificate_chain_type? what's the difference between default and R3 + ISRG Root X1 (signed by DST Root CA X3)?
Thanks
The text was updated successfully, but these errors were encountered: