Commit Graph

4 Commits

Author SHA1 Message Date
Martin Atkins
804d714ff6 Restore tls_cert_request to being a managed resource
In c244e5a6 this resource was converted to a data source, but that was
a mistake since data sources are expected to produce stable results on
each run, and yet certificate requests contain a random nonce as part of
the signature.

Additionally, using the data source as a managed resource through the
provided compatibility shim was not actually working, since "Read" was
trying to parse the private key out of a SHA1 hash of the key, which is
what we place in state due to the StateFunc on that attribute.

By restoring this we restore Terraform's ability to produce all of the
parts of a basic PKI/CA, which is useful for creating dev environments
and bootstrapping PKI for production environments.
2016-09-24 12:22:07 -07:00
Martin Atkins
c244e5a668 Convert tls_cert_request to be a data source
This resource (unlike the others in this provider) isn't stateful, so it
is a good candidate to be a data source.

The old resource form is preserved via the standard shim in helper/schema,
which will generate a deprecation warning but will still allow the
resource to be used.
2016-07-02 08:07:53 -07:00
Silas Sewell
309e697a52 provider/tls: add locally signed certificates
This allows you to generate and sign certificates using a local CA.
2015-11-15 20:23:40 -05:00
Martin Atkins
f6fd41e7b5 tls provider
As of this commit this provider has only logical resources that allow
the creation of private keys, self-signed certs and certificate requests.
These can be useful when creating other resources that use TLS
certificates, such as AWS Elastic Load Balancers.

Later it could grow to include support for real certificate provision from
CAs using the LetsEncrypt ACME protocol, once it is stable.
2015-10-22 21:48:32 -07:00