Account CA certificates

akamai_mtlskeystore_account_ca_certificates

📘

Hello. Just a note to let you know the underlying API on which this data source is built is general release and has been vetted, but because this is a new feature for our Terraform provider, we've given it beta label.

This status just means we've paused for a bit to get your feedback to make sure this data source works like you need and expect.

List certificate authority (CA) certificates under the account.

data "akamai_mtlskeystore_account_ca_certificates" "my-ca-certs" {
  status = ["CURRENT"]
}

output "my-ca-certs" {
  value = data.akamai_mtlskeystore_account_ca_certificates.my-ca-certs
}
Changes to Outputs:
  + my-ca-certs = {
      + certificates = [
          + {
              + account_id          = "A-CCT1234"
              + certificate         = <<-EOT
                    -----BEGIN CERTIFICATE-----
                    nMIID <sample - removed for readability> .... nMweq
                    -----END CERTIFICATE-----
                EOT
              + common_name         = "12345 Account CA G1"
              + created_by          = "jsmith@example.com"
              + created_date        = "2025-07-01T10:21:28Z"
              + expiry_date         = "2030-06-30T10:21:33Z"
              + id                  = 123
              + issued_date         = "2025-07-01T10:21:33Z"
              + key_algorithm       = "RSA"
              + key_size_in_bytes   = 4096
              + qualification_date  = null
              + signature_algorithm = "SHA256_WITH_RSA"
              + status              = "CURRENT"
              + subject             = "/C=US/O=Akamai Technologies, Inc./OU=Akamai CDN mTLS/CN=12345 Account CA G1/"
              + version             = 1
            },
        ]
      + status       = [
          + "CURRENT",
        ]
    }

Arguments

Pass an empty data block to get all CA certificates available to you. Optionally, pass the status argument to narrow down the results.

Argument Required Description
status CA certificates' statuses separated by a comma. Use it to narrow down the results only to the CA certificates that match the provided status. Possible values are:
  • QUALIFYING
  • CURRENT
  • PREVIOUS
  • EXPIRED

Attributes

Returned to you is a set of certificates with their details.

AttributeDescription
idThe CA certificate's ID.
account_idThe account ID the CA certificate is under.
certificateThe certificate block of the CA certificate.
common_nameThe common name of the CA certificate. Its value includes the Akamai account’s cache-key ID and a sequential number generated by mTLS Origin Keystore. For example, the Akamai account’s cache-key ID is 12345 and the first generation of the account CA certificate is G1. The CA certificate’s common name is 12345 Account CA G1.
created_byThe user that created the CA certificate.
created_dateThe ISO 8601 timestamp indicating when the CA certificate was created.
expiry_dateThe ISO 8601 timestamp indicating when the CA certificate expires.
issued_dateThe ISO 8601 timestamp indicating when the CA certificate was issued.
key_algorithmThe CA certificate's encryption algorithm, either RSA or ECDSA.
key_size_in_bytesThe private key length of the CA certificate.
qualification_dateThe ISO 8601 timestamp indicating when the CA certificate's status moved from QUALIFYING to CURRENT.
signature_algorithmThe algorithm that secures the data exchange between the edge server and the origin.
statusThe status of the CA certificate. Possible values are: QUALIFYING, CURRENT, PREVIOUS, or EXPIRED.
subjectThe CA certificate’s key value details.
versionThe CA certificate's version number.