terraform-provider-tls
Add support for `email_addresses` in `tls_cert_request` and `tls_self_signed_cert` resources
Terraform Version
Terraform v0.11.9
+ provider.aws v1.46.0
+ provider.template v1.0.0
+ provider.tls v1.2.0
Affected Resource(s)
- tls_self_signed_cert
- tls_cert_request
Terraform Configuration Files
resource "tls_cert_request" "client" {
  key_algorithm   = "${tls_private_key.client.algorithm}"
  private_key_pem = "${tls_private_key.client.private_key_pem}"
  subject {
    common_name = "client"
  }
  # this is what's missing
  # rfc822 = "[email protected]"
  # or more easily
  # subject {
  #   common_name = "client"
  #   email_address = "[email protected]"
  #   this should generate the legacy support ones which is the email address as part of the subject but also add the rfc822 SAN
  # }
}
Debug Output
n/a
Panic Output
n/a
Expected Behavior
Should support it so we can have name and email addresses to be assigned to client certificates.
Actual Behavior
n/a
Steps to Reproduce
n/a
Important Factoids
https://tools.ietf.org/html/rfc5280#section-4.1.2.6 talks about the emailAddresses
References
#27
The x509.Certificate type offers a field EmailAddresses that sits next to URIs, IPAddresses and DNSNames.
This effort would be a matter of exposing the additional field and providing test coverage.
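
The `EmailAddresses` field mentioned in the comment above, exercised with Go's standard `crypto/x509` on both a CSR and a self-signed certificate. This is an added example, not code from the provider or from this thread; the helper name `issueClientCert`, the Ed25519 key and the `client@example.com` address are assumptions.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// issueClientCert (hypothetical helper): CSR and self-signed cert carrying email as an rfc822Name SAN.
func issueClientCert(cn, email string) (*x509.CertificateRequest, *x509.Certificate, error) {
	_, key, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	// EmailAddresses is encoded as rfc822Name entries in subjectAltName.
	req := &x509.CertificateRequest{Subject: pkix.Name{CommonName: cn}, EmailAddresses: []string{email}}
	csrDER, err := x509.CreateCertificateRequest(rand.Reader, req, key)
	if err != nil {
		return nil, nil, err
	}
	csr, err := x509.ParseCertificateRequest(csrDER)
	if err != nil {
		return nil, nil, err
	}
	// The issuer must copy the SAN explicitly; nothing is inherited from the CSR.
	tmpl := &x509.Certificate{
		SerialNumber:   big.NewInt(1), // constructed value for the example
		Subject:        csr.Subject,
		EmailAddresses: csr.EmailAddresses,
		NotBefore: time.Now().Add(-time.Minute), NotAfter: time.Now().Add(24 * time.Hour),
	}
	certDER, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, csr.PublicKey, key)
	if err != nil {
		return nil, nil, err
	}
	cert, err := x509.ParseCertificate(certDER)
	return csr, cert, err
}

func main() {
	csr, cert, err := issueClientCert("client", "client@example.com")
	if err != nil {
		panic(err)
	}
	fmt.Println(csr.EmailAddresses, cert.EmailAddresses)
}
```

The address appears only in the SAN here; `pkix.Name` has no dedicated field for the legacy subject `emailAddress` attribute the issue also mentions.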