Open shade-belisar opened 6 days ago
I manged to find a way to make this issue reproducible:
- set_fact:
cert_name: "certificate-name"
cert_text: "{{ lookup('file', 'path/to/db.crt') }}"
chain_text: "{{ lookup('file', 'path/to/cadb.pem') }}"
privkey_text: "{{ lookup('file', 'path/to/db.key') }}"
This was fixed in version 4.1.0 of the collection, could you please update your collection?
Ah, my bad. I was under the (mistaken) assumption that 3.1.1 was the latest version, because it is the version listed in the Ansible Docs.
Do I understand the readme correctly and there is no up-to-date online documentation? It only mentions ansible-doc, but the terminal is in my opinion not nearly as legible and easy to handle as a web page.
You should be able to change the version of the docs to see the latest collection docs.
If you installed the collection that is bundled into the "ansible" package, then it is possible that you have an older version of the collection. In this case, the documentation version "stable" is probably correct.
If you installed the collection from ansible galaxy, then you should probably use the documentation from the "devel" version.
SUMMARY
When running a task to create a certificate, I'm getting a rather cryptic error. Additionally, the same task with a different certificate runs fine.
ISSUE TYPE
COMPONENT NAME
hetzner.hcloud.certificate
ANSIBLE VERSION
COLLECTION VERSION
CONFIGURATION
OS / ENVIRONMENT
Control Node: docker:26.0.1 Target System: current Hetzner Cloud
STEPS TO REPRODUCE
Unfortunately I cannot provide exact steps to reproduce the error because it only happens with one out of several certificates and I obviously cannot share this. Nevertheless, this is the task that fails.
One thing I noticed though is that the private key of the non-working certificate is 1746 characters long, but the keys of the working certificates are only 186 characters long. However, the certificate that cannot be uploaded via Ansible can be uploaded successfully via the Hetzner Cloud Console.
EXPECTED RESULTS
I expected the specified certificate to be created. I know that the certificate is valid because I can upload and assign it manually.
Alternatively, if there actually is something wrong with this certificate that the web portal just ignores, I would expect a more helpful error message.
ACTUAL RESULTS
The certificate upload fails with a very cryptic error message.