From a3657dc604fbffafce5c42f8ad0a972e4cf0213c Mon Sep 17 00:00:00 2001 From: Theron Voran Date: Tue, 13 Jun 2023 10:15:52 -0700 Subject: [PATCH] docs/pki: add remove_roots_from_chain option to /pki/issue (#21161) Adds the `remove_roots_from_chain` option to the docs for `/pki/issue`, based on addNonCACommonFields(). --- website/content/api-docs/secret/pki.mdx | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/website/content/api-docs/secret/pki.mdx b/website/content/api-docs/secret/pki.mdx index 6a2761b56f..64ca4b904b 100644 --- a/website/content/api-docs/secret/pki.mdx +++ b/website/content/api-docs/secret/pki.mdx @@ -637,6 +637,10 @@ It is suggested to limit access to the path-overridden issue endpoint (on `YYYY-MM-ddTHH:MM:SSZ`. Supports the Y10K end date for IEEE 802.1AR-2018 standard devices, `9999-12-31T23:59:59Z`. +- `remove_roots_from_chain` `(bool: false)` - If true, the returned `ca_chain` + field will not include any self-signed CA certificates. Useful if end-users + already have the root CA in their trust store. + - `user_ids` `(string: "")` - Specifies the comma-separated list of requested User ID (OID 0.9.2342.19200300.100.1.1) Subject values to be placed on the signed certificate. This field is validated against `allowed_user_ids` on