fortinetdev / terraform-provider-fortios

Terraform Fortios provider
https://www.terraform.io/docs/providers/fortios/
Mozilla Public License 2.0

Error updating VpnCertificateLocal resource: Internal Server Error #301

Open freidenker opened 1 year ago

freidenker commented 1 year ago

- Internal error when processing the request (500) │ Cli response: │ Input is not a valid/matched certificate. │ node_check_object fail!


Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following
symbols:
  ~ update in-place

Terraform will perform the following actions:

  # fortios_vpncertificate_local.main will be updated in-place
  ~ resource "fortios_vpncertificate_local" "main" {
      ~ certificate                  = (sensitive value)
        id                           = "system-ssl-cert"
        name                         = "system-ssl-cert"
      ~ private_key                  = (sensitive value)
        # (14 unchanged attributes hidden)
    }

Plan: 0 to add, 1 to change, 0 to destroy.

Changes to Outputs:
  - cert = (sensitive value) -> null

Do you want to perform these actions?
  Terraform will perform the actions described above.
  Only 'yes' will be accepted to approve.

  Enter a value: yes

fortios_vpncertificate_local.main: Modifying... [id=system-ssl-cert]
╷
│ Error: Error updating VpnCertificateLocal resource: Internal Server Error - Internal error when processing the request (500)
│ Cli response:
│ Input is not a valid/matched certificate.
│ node_check_object fail! for certificate -----BEGIN CERTIFICATE-----
 previous certificate body
 previous certificate body
 previous certificate body
 previous certificate body
 previous certificate body
 previous certificate body
│ -----END CERTIFICATE-----
│
│ value parse error before '-----BEGIN CERTIFICATE-----
│ MIIGNDCCB
│ Command fail. Return code -651
│
│
│   with fortios_vpncertificate_local.main,
│   on 10-system.tf line 19, in resource "fortios_vpncertificate_local" "main":
│   19: resource "fortios_vpncertificate_local" "main" {

FortiOS provider version:

    fortios = {
      source  = "fortinetdev/fortios"
      version = "1.18.0"
    }

Fortigate Information:

FortiGate-VM64-AWS
v7.2.5 build1517 (Feature)

resource fortios_vpncertificate_local definition:

resource "fortios_vpncertificate_local" "main" {
  name        = "system-ssl-cert"
  range       = "global"
  source      = "user"
  private_key = local.privateKey
  certificate = local.certificateBody
}
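
The CLI response in the report above says the input is "not a valid/matched certificate". One local check that rules out a mismatched or unparsable PEM pair before `terraform apply`, as an added example that is not part of the original post or the provider's code. It assumes the `openssl` CLI is installed; `check_cert_pair`, `make_sample_pair` and the file names are hypothetical.

```shell
#!/bin/sh
# Added example: pre-flight check for the PEM pair fed to
# fortios_vpncertificate_local (certificate / private_key).
# check_cert_pair is an illustrative helper, not provider code. Return codes:
#   0 = key matches the certificate and the certificate has not expired
#   1 = both files parse, but the key does not belong to the certificate
#   2 = certificate or key could not be parsed as PEM
#   3 = pair matches, but the certificate has expired

check_cert_pair() (
    cert=$1 key=$2
    # Public key embedded in the certificate, as SubjectPublicKeyInfo PEM.
    cert_pub=$(openssl x509 -in "$cert" -noout -pubkey 2>/dev/null) || exit 2
    # Public key derived from the private key. "-passin pass:" stops openssl
    # from prompting if the key is encrypted (the call then fails, rc 2).
    key_pub=$(openssl pkey -in "$key" -passin pass: -pubout 2>/dev/null) || exit 2
    [ -n "$cert_pub" ] || exit 2
    [ "$cert_pub" = "$key_pub" ] || exit 1
    # -checkend 0 fails when notAfter is already in the past.
    openssl x509 -in "$cert" -noout -checkend 0 >/dev/null 2>&1 || exit 3
    exit 0
)

# Build a constructed, throwaway test set in directory $1:
#   good.crt + good.key (matching pair) and other.key (unrelated key).
make_sample_pair() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
        -subj "/CN=constructed.example" \
        -keyout "$1/good.key" -out "$1/good.crt" 2>/dev/null &&
    openssl genrsa -out "$1/other.key" 2048 2>/dev/null
}

# Demo on constructed data; with real files call check_cert_pair directly.
demo_dir=$(mktemp -d)
make_sample_pair "$demo_dir"
for k in good.key other.key; do
    rc=0
    check_cert_pair "$demo_dir/good.crt" "$demo_dir/$k" || rc=$?
    echo "good.crt + $k -> rc=$rc"
done
rm -rf "$demo_dir"
```

A return code of 0 on the real files only shows that the pair is consistent locally; it does not change how the provider submits the values to the device.
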

MaxxLiu22 commented 1 year ago

Hi @freidenker,

Thank you for raising this issue. There is some issue around the fortios_vpncertificate_local resource API; we suggest using fortios_json_generic_api as a workaround solution (example). Let me know if that doesn't work for you.

Thanks, Maxx

freidenker commented 1 year ago

> Hi @freidenker,
>
> Thank you for raising this issue. There is some issue around the fortios_vpncertificate_local resource API; we suggest using fortios_json_generic_api as a workaround solution (example). Let me know if that doesn't work for you.
>
> Thanks, Maxx

Hi Maxx, I didn't choose the generic API because it's not a stateful resource; I wish to rotate my certificates in the future with fortios_vpncertificate_local. Anyway, thank you very much!

MaxxLiu22 commented 1 year ago

Hi @freidenker,

We understand your concern and will continue to investigate this issue. Once there is any update, I will let you know.

Thanks, Maxx