CA set certificates

akamai_mtlstruststore_ca_set_certificates

📘

Beta

Hello. Just a note to let you know the underlying API on which this data source is built is general release and has been vetted, but because this is a new feature for our Terraform provider, we've given it beta label.

This status just means we've paused for a bit to get your feedback to make sure this data source works like you need and expect.

List all certificates for a CA set version.

data "akamai_mtlstruststore_ca_set_certificates" "my-ca-set-certs" {
  id              = "12345"
  include_expired = true
}

output "my-ca-set-certs" {
  value = data.akamai_mtlstruststore_ca_set_certificates.my-ca-set-certs
}
my-ca-set-certs = {
  certificates             = [
    {
      certificate_pem     = <<-EOT
            -----BEGIN CERTIFICATE-----
            MIID <sample - removed for readability> .... Mweq
            -----END CERTIFICATE-----
        EOT
      created_by          = "jsmith"
      created_date        = "2023-10-25T19:57:25Z"
      description         = "certificate-1"
      end_date            = "2025-05-29T19:51:12Z"
      fingerprint         = "abc12345def6ghi78jklm9no012pqr456stu6vwx7yz89ab012cd34efghijklm56n"
      issuer              = "CN=AkamaiCorpRoot-G1, O=Akamai Technologies Inc."
      serial_number       = "ab12c345def6gh7i8jklm9no012pqr4"
      signature_algorithm = "SHA256WITHECDSA"
      start_date          = "2015-05-29T19:41:12Z"
      subject             = "CN=AkamaiCorpRoot-G1, O=Akamai Technologies Inc."
    },
  ]
  id                       = "12345"
  include_active           = null
  include_expired          = true
  include_expiring_by_date = null
  include_expiring_in_days = null
  name                     = "my-ca-set"
  version                  = 3
}

Arguments

Pass a CA set's ID or name in the data block to get all of its certificates. To filter your results, you're also required to provide at least one of these arguments: include_active, include_expired, include_expiring_in_days, or include_expiring_by_date.

Argument Required Description
id Your CA set's ID.
name Your CA set's name. It must match exactly. If there are multiple CA sets with the same name, you get an error. In this case, use the id argument.
version Your CA set's version number. If not provided, the latest version is returned by default.
include_active When true, it returns all active, non-expired certificates.
Notes:
  • If you provide just this argument without the include_expired argument, you can set it only to true.
  • You can’t set it to false when the include_expired argument is false.
  • You can't use it together with the include_expiring_in_days and include_expiring_by_date arguments.
include_expired When true, it returns all expired certificates.
Notes:
  • If you provide just this argument without the include_active argument, you can set it only to true.
  • You can’t set it to false when the include_active argument is false.
include_expiring_in_days When you provide the number value, it returns active certificates that will expire within the specified number of days.
Note: You can't use it together with the include_expiring_by_date and include_active arguments.
include_expiring_by_date When you provide the timestamp value, it returns active certificates that will expire by the specified date.
Note: You can't use it together with the include_expiring_in_days and include_active arguments.

Attributes

Returned to you is a set of certificates for the CA set version.

Attribute Description
certificate_pem The certificate in PEM format, as found in a Base64 ASCII encoded file.
description A human-readable description of the certificate.
created_by The user who created the certificate.
created_date The timestamp indicating when the certificate was created.
start_date The timestamp indicating when the certificate started.
end_date The timestamp indicating when the certificate expires.
fingerprint The fingerprint of the certificate.
issuer The certificate's issuer.
serial_number The unique serial number of the certificate.
signature_algorithm The signature algorithm of the certificate.
subject The certificate's subject field.