Implement support for x509 extra extensions #76
Conversation
ghost
added
| Type: schema.TypeInt, | ||
| Description: "Fill this field if the extension value should be encoded as an ASN.1 INTEGER", | ||
| Optional: true, | ||
| ForceNew: true, |
There was a problem hiding this comment.
You can use the ConflictsWith attribute to make sure that only one is set:
ConflictsWith: []string{"boolean_value", "printable_string_value", "utf8_string_value"},
There was a problem hiding this comment.
Awesome! Didn't know about this
| Optional: true, | ||
| ForceNew: true, | ||
| }, | ||
| "type": { |
There was a problem hiding this comment.
If you have all the ConflictsValue set right, you no longer need this since only one of the values above will be set. The GetOk method should give you the result and ok (whether or not the value has been set by the user)
There was a problem hiding this comment.
This won't work unfortunately. ConflictsWith does not work on nested resources:
hashicorp/terraform-plugin-sdk#71
And I can't call GetOk on a nested resource, because it is returned to me as a map instead of as ResourceData
| @@ -43,7 +45,25 @@ func TestCertRequest(t *testing.T) { | |||
| uris = [ | |||
| "spiffe://example-trust-domain/workload", | |||
| "spiffe://example-trust-domain/workload2", | |||
| ] | |||
| ] | |||
|
Thank you for your submission! We require that all contributors sign our Contributor License Agreement ("CLA") before we can accept the contribution. Read and sign the agreement Learn more about why HashiCorp requires a CLA and what the CLA includes AbdulRahman AlHamali seems not to be a GitHub user. Have you signed the CLA already but the status is still pending? Recheck it. |
|
HI Team, can we have this merged, we literally need this feature for one of our client certificate |
|
@julienduchesne : Could you please help this feature go live... We actually require OID feature for few of our client certs.. And this will be more helpfull |
This PR provides the ability to add arbitrary extensions to certificates and certificate requests, by providing their OID, whether they are critical or not, and their value.
The value of the extension is serialized into Abstract Syntax Notation One (ASN.1)
The PR only implements a few of the possible types for value, but makes it very easy to add more types upon demand.
Please let me know what you think, looking forward to the review.
Regards,