diff --git a/CHANGELOG.md b/CHANGELOG.md
index bbee04f8..20e73fbf 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,11 @@
+## 3.2.1 (April 05, 2022)
+
+BUG FIXES:
+
+* resource/tls_locally_signed_cert: Fix issue preventing the generation of [subject key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.2) for private keys using ED25519 ([#182](https://github.com/hashicorp/terraform-provider-tls/pull/182))
+
+* resource/tls_self_signed_cert: Fix issue preventing the generation of [subject key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.2) for private keys using ED25519 ([#182](https://github.com/hashicorp/terraform-provider-tls/pull/182))
+
 ## 3.2.0 (April 04, 2022)
 
 NEW FEATURES:
diff --git a/docs/resources/locally_signed_cert.md b/docs/resources/locally_signed_cert.md
index 8fa00669..27442006 100644
--- a/docs/resources/locally_signed_cert.md
+++ b/docs/resources/locally_signed_cert.md
@@ -47,7 +47,7 @@ resource "tls_locally_signed_cert" "example" {
 - `ca_key_algorithm` (String, Deprecated) Name of the algorithm used when generating the private key provided in `ca_private_key_pem`. **NOTE**: this is deprecated and ignored, as the key algorithm is now inferred from the key.
 - `early_renewal_hours` (Number) The resource will consider the certificate to have expired the given number of hours before its actual expiry time. This can be useful to deploy an updated certificate in advance of the expiration of the current certificate. However, the old certificate remains valid until its true expiration time, since this resource does not (and cannot) support certificate revocation. Also, this advance update can only be performed should the Terraform configuration be applied during the early renewal period. (default: `0`)
 - `is_ca_certificate` (Boolean) Is the generated certificate representing a Certificate Authority (CA) (default: `false`).
-- `set_subject_key_id` (Boolean) Should the generated certificate include a subject key identifier (default: `false`).
+- `set_subject_key_id` (Boolean) Should the generated certificate include a [subject key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.2) (default: `false`).
 
 ### Read-Only
 
diff --git a/docs/resources/self_signed_cert.md b/docs/resources/self_signed_cert.md
index cc71ebdb..c7345c9f 100644
--- a/docs/resources/self_signed_cert.md
+++ b/docs/resources/self_signed_cert.md
@@ -53,7 +53,7 @@ resource "tls_self_signed_cert" "example" {
 - `ip_addresses` (List of String) List of IP addresses for which a certificate is being requested (i.e. certificate subjects).
 - `is_ca_certificate` (Boolean) Is the generated certificate representing a Certificate Authority (CA) (default: `false`).
 - `key_algorithm` (String, Deprecated) Name of the algorithm used when generating the private key provided in `private_key_pem`. **NOTE**: this is deprecated and ignored, as the key algorithm is now inferred from the key.
-- `set_subject_key_id` (Boolean) Should the generated certificate include a subject key identifier (default: `false`).
+- `set_subject_key_id` (Boolean) Should the generated certificate include a [subject key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.2) (default: `false`).
 - `uris` (List of String) List of URIs for which a certificate is being requested (i.e. certificate subjects).
 
 ### Read-Only
diff --git a/internal/provider/common_cert.go b/internal/provider/common_cert.go
index 682aead1..dfd9745f 100644
--- a/internal/provider/common_cert.go
+++ b/internal/provider/common_cert.go
@@ -308,10 +308,11 @@ func setCertificateCommonSchema(s map[string]*schema.Schema) {
 	}
 
 	s["set_subject_key_id"] = &schema.Schema{
-		Type:        schema.TypeBool,
-		Optional:    true,
-		ForceNew:    true,
-		Description: "Should the generated certificate include a subject key identifier (default: `false`).",
+		Type:     schema.TypeBool,
+		Optional: true,
+		ForceNew: true,
+		Description: "Should the generated certificate include a " +
+			"[subject key identifier](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.2) (default: `false`).",
 	}
 
 	s["id"] = &schema.Schema{