|
|
@@ -9,7 +9,7 @@ resource "aws_acmpca_certificate_authority_certificate" "subordinate" {
|
|
|
resource "aws_acmpca_certificate" "subordinate" {
|
|
|
certificate_authority_arn = var.root_authority_arn
|
|
|
certificate_signing_request = aws_acmpca_certificate_authority.subordinate.certificate_signing_request
|
|
|
- signing_algorithm = "SHA512WITHRSA"
|
|
|
+ signing_algorithm = "SHA512WITHECDSA"
|
|
|
|
|
|
template_arn = "arn:${var.aws_partition}:acm-pca:::template/SubordinateCACertificate_PathLen0/V1"
|
|
|
|
|
|
@@ -24,11 +24,11 @@ resource "aws_acmpca_certificate_authority" "subordinate" {
|
|
|
type = "SUBORDINATE"
|
|
|
|
|
|
certificate_authority_configuration {
|
|
|
- key_algorithm = "RSA_2048"
|
|
|
- signing_algorithm = "SHA512WITHRSA"
|
|
|
+ key_algorithm = "EC_secp384r1"
|
|
|
+ signing_algorithm = "SHA512WITHECDSA"
|
|
|
|
|
|
subject {
|
|
|
- common_name = "XDR Subordinate CA #1"
|
|
|
+ common_name = "XDR ${var.purpose} Subordinate CA v2"
|
|
|
country = "US"
|
|
|
organization = "Accenture Federal Services"
|
|
|
organizational_unit = "XDR"
|
Frederick Damstra