d04b143bd5
* pki: When a role sets key_type to any ignore key_bits value when signing - Bypass the validation for the role's key_bits value when signing CSRs if the key_type is set to any. We still validate the key is at least 2048 for RSA backed CSRs as we did in 1.9.x and lower.
4 lines
131 B
Plaintext
4 lines
131 B
Plaintext
```release-note:bug
|
|
secret/pki: Do not fail validation with a legacy key_bits default value and key_type=any when signing CSRs
|
|
```
|