* pki: add subject key identifier to read key response
This will be helpful for the Terraform Vault Provider to detect
migration of pre-1.11 exported keys (from CA generation) into post-1.11
Vault.
* add changelog
* Update builtin/logical/pki/path_fetch_keys.go
Co-authored-by: Alexander Scheel <alex.scheel@hashicorp.com>
* check for managed key first
* Validate the SKID matches on root CAs
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Validate SKID matches on int CAs
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Fix formatting of tests
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
---------
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
Co-authored-by: Alexander Scheel <alex.scheel@hashicorp.com>
John-Michael Faircloth