Account CA certificates
BetaHello. Just a note to let you know the underlying API on which this data source is built is general release and has been vetted, but because this is a new feature for our Terraform provider, we've given it beta label.
This status just means we've paused for a bit to get your feedback to make sure this data source works like you need and expect.
List certificate authority (CA) certificates under the account.
data "akamai_mtlskeystore_account_ca_certificates" "my-ca-certs" {
status = ["CURRENT"]
}
output "my-ca-certs" {
value = data.akamai_mtlskeystore_account_ca_certificates.my-ca-certs
}my-ca-certs = {
certificates = [
{
account_id = "A-CCT1234"
certificate = <<-EOT
-----BEGIN CERTIFICATE-----
nMIID <sample - removed for readability> .... nMweq
-----END CERTIFICATE-----
EOT
common_name = "12345 Account CA G1"
created_by = "jsmith@example.com"
created_date = "2025-07-01T10:21:28Z"
expiry_date = "2030-06-30T10:21:33Z"
id = 123
issued_date = "2025-07-01T10:21:33Z"
key_algorithm = "RSA"
key_size_in_bytes = 4096
qualification_date = null
signature_algorithm = "SHA256_WITH_RSA"
status = "CURRENT"
subject = "/C=US/O=Akamai Technologies, Inc./OU=Akamai CDN mTLS/CN=12345 Account CA G1/"
version = 1
},
]
status = [
"CURRENT",
]
}Arguments
Pass an empty data block to get all CA certificates available to you. Optionally, pass the status argument to narrow down the results.
| Argument | Required | Description |
|---|---|---|
status | CA certificates' statuses separated by a comma. Use it to narrow down the results only to the CA certificates that match the provided status. Possible values are:
|
Attributes
Returned to you is a set of certificates with their details.
| Attribute | Description |
|---|---|
id | The CA certificate's ID. |
account_id | The account ID the CA certificate is under. |
certificate | The certificate block of the CA certificate. |
common_name | The common name of the CA certificate. Its value includes the Akamai account’s cache-key ID and a sequential number generated by mTLS Origin Keystore. For example, the Akamai account’s cache-key ID is 12345 and the first generation of the account CA certificate is G1. The CA certificate’s common name is 12345 Account CA G1. |
created_by | The user that created the CA certificate. |
created_date | The ISO 8601 timestamp indicating when the CA certificate was created. |
expiry_date | The ISO 8601 timestamp indicating when the CA certificate expires. |
issued_date | The ISO 8601 timestamp indicating when the CA certificate was issued. |
key_algorithm | The CA certificate's encryption algorithm, either RSA or ECDSA. |
key_size_in_bytes | The private key length of the CA certificate. |
qualification_date | The ISO 8601 timestamp indicating when the CA certificate's status moved from QUALIFYING to CURRENT. |
signature_algorithm | The algorithm that secures the data exchange between the edge server and the origin. |
status | The status of the CA certificate. Possible values are: QUALIFYING, CURRENT, PREVIOUS, or EXPIRED. |
subject | The CA certificate’s key value details. |
version | The CA certificate's version number. |
Updated 3 months ago