Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Backport of Add missing parameter signature_bits to the generate root PKI API docs into release/1.18.x #29526

Merged
merged 1 commit into from
Feb 11, 2025
Merged

Backport of Add missing parameter signature_bits to the generate root PKI API docs into release/1.18.x #29526

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 6 additions & 0 deletions website/content/api-docs/secret/pki/index.mdx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2176,6 +2176,12 @@ use the values set via `config/urls`.
`alt_names` map using OID 2.5.4.5. Note that this has no impact on the
Certificate's serial number field, which Vault randomly generates.

- `signature_bits` `(int: 0)` - Specifies the number of bits to use in
the signature algorithm; accepts 256 for SHA-2-256, 384 for SHA-2-384,
and 512 for SHA-2-512. Defaults to 0 to automatically detect based
on issuer's key length (SHA-2-256 for RSA keys, and matching the curve size
for NIST P-Curves).
Comment on lines +2179 to +2183
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
- `signature_bits` `(int: 0)` - Specifies the number of bits to use in
the signature algorithm; accepts 256 for SHA-2-256, 384 for SHA-2-384,
and 512 for SHA-2-512. Defaults to 0 to automatically detect based
on issuer's key length (SHA-2-256 for RSA keys, and matching the curve size
for NIST P-Curves).
- `signature_bits` `(int: 0)` - The number of bits used in the signature
algorithm. Must be one of the following:
- `256` to use SHA-2-256
- `384` to use SHA-2-384,
- `512` to use SHA-2-512
- `0` to use automatic detection based on the issuer key length. For example,
SHA-2-256 for RSA keys, and matching the curve size for NIST P-Curves.

Style correction: make key values easy to scan for, avoid possessives


- `not_before_duration` `(duration: "30s")` - Specifies the duration by which to
backdate the NotBefore property. This value has no impact in the validity period
of the requested certificate, specified in the `ttl` field.
Expand Down
Loading