Updating CHANGELOG for 3.2.1

hashicorp · Apr 5, 2022 · 45b31f5 · 45b31f5
1 parent 8e76bad
commit 45b31f5
Show file tree

Hide file tree

Showing 4 changed files with 15 additions and 6 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,3 +1,11 @@
+## 3.2.1 (April 05, 2022)
+
+BUG FIXES:
+
+* resource/tls_locally_signed_cert: Fix issue preventing the generation of [subject key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.2) for private keys using ED25519 ([#182](https://github.com/hashicorp/terraform-provider-tls/pull/182))
+
+* resource/tls_self_signed_cert: Fix issue preventing the generation of [subject key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.2) for private keys using ED25519 ([#182](https://github.com/hashicorp/terraform-provider-tls/pull/182))
+
 ## 3.2.0 (April 04, 2022)
 
 NEW FEATURES:

diff --git a/docs/resources/locally_signed_cert.md b/docs/resources/locally_signed_cert.md
@@ -47,7 +47,7 @@ resource "tls_locally_signed_cert" "example" {
 - `ca_key_algorithm` (String, Deprecated) Name of the algorithm used when generating the private key provided in `ca_private_key_pem`. **NOTE**: this is deprecated and ignored, as the key algorithm is now inferred from the key.
 - `early_renewal_hours` (Number) The resource will consider the certificate to have expired the given number of hours before its actual expiry time. This can be useful to deploy an updated certificate in advance of the expiration of the current certificate. However, the old certificate remains valid until its true expiration time, since this resource does not (and cannot) support certificate revocation. Also, this advance update can only be performed should the Terraform configuration be applied during the early renewal period. (default: `0`)
 - `is_ca_certificate` (Boolean) Is the generated certificate representing a Certificate Authority (CA) (default: `false`).
-- `set_subject_key_id` (Boolean) Should the generated certificate include a subject key identifier (default: `false`).
+- `set_subject_key_id` (Boolean) Should the generated certificate include a [subject key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.2) (default: `false`).
 
 ### Read-Only
 

diff --git a/docs/resources/self_signed_cert.md b/docs/resources/self_signed_cert.md
@@ -53,7 +53,7 @@ resource "tls_self_signed_cert" "example" {
 - `ip_addresses` (List of String) List of IP addresses for which a certificate is being requested (i.e. certificate subjects).
 - `is_ca_certificate` (Boolean) Is the generated certificate representing a Certificate Authority (CA) (default: `false`).
 - `key_algorithm` (String, Deprecated) Name of the algorithm used when generating the private key provided in `private_key_pem`. **NOTE**: this is deprecated and ignored, as the key algorithm is now inferred from the key.
-- `set_subject_key_id` (Boolean) Should the generated certificate include a subject key identifier (default: `false`).
+- `set_subject_key_id` (Boolean) Should the generated certificate include a [subject key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.2) (default: `false`).
 - `uris` (List of String) List of URIs for which a certificate is being requested (i.e. certificate subjects).
 
 ### Read-Only

diff --git a/internal/provider/common_cert.go b/internal/provider/common_cert.go
@@ -308,10 +308,11 @@ func setCertificateCommonSchema(s map[string]*schema.Schema) {
 	}
 
 	s["set_subject_key_id"] = &schema.Schema{
-		Type:        schema.TypeBool,
-		Optional:    true,
-		ForceNew:    true,
-		Description: "Should the generated certificate include a subject key identifier (default: `false`).",
+		Type:     schema.TypeBool,
+		Optional: true,
+		ForceNew: true,
+		Description: "Should the generated certificate include a " +
+			"[subject key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.2) (default: `false`).",
 	}
 
 	s["id"] = &schema.Schema{