Key generation
The key_gen field defines key format, size, and generation rules allowed for the certificates issued from the template.
Example JSON
{
"key_gen": {
"enabled": true,
"key_type": {
"allowed_types": [
"rsa",
"ecdsa",
"Ed25519"
],
"default_key_type": "rsa"
},
"rsa_key_size": {
"min_bits": 1024,
"max_bits": 4096,
"default_bits": 2048
},
"ecdsa_curve": {
"allowed_curves": [
"P-256",
"P-384",
"P-521"
],
"default_curve": "P-256"
}
},
Parameters
Object | Parameters | Type | Req/Opt | Description |
|---|---|---|---|---|
key_gen | object | optional | Defines the rules for key generation. | |
enabled | boolean | optional | Defines whether key generation is enabled or not. Allowed values include:
| |
key_type | object | optional | Defines the supported key types. | |
allowed_types | array of strings | optional | Key types supported for the template. You can add names of key types, like rsa, ecdsa, and Ed25519. | |
default_type | string | Sets a default key type if the template user doesn't specify one. | ||
rsa_key_size | object | Defines the RSA key sizes to be used in the certificates issued from this template. | ||
min_bits | numeric | Defines the minimum key size for RSA keys in bits. | ||
max_bits | numeric | Defines the maximum key size for RSA keys in bits. | ||
default_bits | numeric | Set a default size if the template user doesn't specify one. | ||
ecdsa_curves | object | Defines the ecdsa curves to be used in the certificates issued from this template. | ||
allowed_curves | array of strings | Lists all the ecdsa curves allowed, like P-256, P-384, and P=521. | ||
default_curve | string | Sets a default curve if the template user doesn't specify one. |