Account CA certificates
akamai_mtlskeystore_account_ca_certificates
Hello. Just a note to let you know the underlying API on which this data source is built is general release and has been vetted, but because this is a new feature for our Terraform provider, we've given it beta label.
This status just means we've paused for a bit to get your feedback to make sure this data source works like you need and expect.
List certificate authority (CA) certificates under the account.
data "akamai_mtlskeystore_account_ca_certificates" "my-ca-certs" {
status = ["CURRENT"]
}
output "my-ca-certs" {
value = data.akamai_mtlskeystore_account_ca_certificates.my-ca-certs
}
Changes to Outputs:
+ my-ca-certs = {
+ certificates = [
+ {
+ account_id = "A-CCT1234"
+ certificate = <<-EOT
-----BEGIN CERTIFICATE-----
nMIID <sample - removed for readability> .... nMweq
-----END CERTIFICATE-----
EOT
+ common_name = "12345 Account CA G1"
+ created_by = "jsmith@example.com"
+ created_date = "2025-07-01T10:21:28Z"
+ expiry_date = "2030-06-30T10:21:33Z"
+ id = 123
+ issued_date = "2025-07-01T10:21:33Z"
+ key_algorithm = "RSA"
+ key_size_in_bytes = 4096
+ qualification_date = null
+ signature_algorithm = "SHA256_WITH_RSA"
+ status = "CURRENT"
+ subject = "/C=US/O=Akamai Technologies, Inc./OU=Akamai CDN mTLS/CN=12345 Account CA G1/"
+ version = 1
},
]
+ status = [
+ "CURRENT",
]
}
Arguments
Pass an empty data block to get all CA certificates available to you. Optionally, pass the status argument to narrow down the results.
| Argument | Required | Description |
|---|---|---|
status |
CA certificates' statuses separated by a comma. Use it to narrow down the results only to the CA certificates that match the provided status. Possible values are:
|
Attributes
Returned to you is a set of certificates with their details.
| Attribute | Description |
|---|---|
id | The CA certificate's ID. |
account_id | The account ID the CA certificate is under. |
certificate | The certificate block of the CA certificate. |
common_name | The common name of the CA certificate. Its value includes the Akamai account’s cache-key ID and a sequential number generated by mTLS Origin Keystore. For example, the Akamai account’s cache-key ID is 12345 and the first generation of the account CA certificate is G1. The CA certificate’s common name is 12345 Account CA G1. |
created_by | The user that created the CA certificate. |
created_date | The ISO 8601 timestamp indicating when the CA certificate was created. |
expiry_date | The ISO 8601 timestamp indicating when the CA certificate expires. |
issued_date | The ISO 8601 timestamp indicating when the CA certificate was issued. |
key_algorithm | The CA certificate's encryption algorithm, either RSA or ECDSA. |
key_size_in_bytes | The private key length of the CA certificate. |
qualification_date | The ISO 8601 timestamp indicating when the CA certificate's status moved from QUALIFYING to CURRENT. |
signature_algorithm | The algorithm that secures the data exchange between the edge server and the origin. |
status | The status of the CA certificate. Possible values are: QUALIFYING, CURRENT, PREVIOUS, or EXPIRED. |
subject | The CA certificate’s key value details. |
version | The CA certificate's version number. |
Updated 3 days ago