Closed Nishanth95 closed 3 hours ago
Voting for Prioritization
Volunteering to Work on This Issue
Hey @Nishanth95 👋 Thank you for taking the time to raise this! Can you supply a bit more information so that we're able to take corrective action as needed?
Since we haven't heard back, I'm going to close this issue. If you're still having trouble, please feel free to open a new issue, referencing this one for context as needed.
[!WARNING] This issue has been closed, meaning that any additional comments are hard for our team to see. Please assume that the maintainers will not see them.
Ongoing conversations amongst community members are welcome, however, the issue will be locked after 30 days. Moving conversations to another venue, such as the AWS Provider forum, is recommended. If you have additional concerns, please open a new issue, referencing this one where needed.
Documentation Link
https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/acmpca_certificate
Description
tls_private_key.key: Creating... aws_acmpca_certificate_authority.example: Creating... tls_private_key.key: Creation complete after 1s [id=750129974b243a0bfc97b5e7cc7860d1226b2981] tls_cert_request.csr: Creating... tls_cert_request.csr: Creation complete after 0s [id=c286cc30a1c12809ed6f3370c0b90924d16a8030] aws_acmpca_certificate_authority.example: Creation complete after 1s [id=arn:aws:acm-pca:us-east-1:075361822965:certificate-authority/2525d2a6-0734-406a-adb6-b8a7015a3474] aws_acmpca_certificate.example: Creating... aws_acmpca_certificate.example: Still creating... [10s elapsed] aws_acmpca_certificate.example: Still creating... [20s elapsed] aws_acmpca_certificate.example: Still creating... [30s elapsed] aws_acmpca_certificate.example: Still creating... [40s elapsed] aws_acmpca_certificate.example: Still creating... [50s elapsed] aws_acmpca_certificate.example: Still creating... [1m0s elapsed] ╷ │ Error: issuing ACM PCA Certificate with Certificate Authority (arn:aws:acm-pca:us-east-1:075361822965:certificate-authority/2525d2a6-0734-406a-adb6-b8a7015a3474): operation error ACM PCA: IssueCertificate, https response error StatusCode: 400, RequestID: 2bbfadff-87bd-4439-bff6-058e37ef6b7a, InvalidStateException: The certificate authority is not in a valid state for issuing certificates │ │ with aws_acmpca_certificate.example, │ on main.tf line 1, in resource "aws_acmpca_certificate" "example": │ 1: resource "aws_acmpca_certificate" "example" { │
References
[root@ip-172-31-95-251 acm]# cat main.tf resource "aws_acmpca_certificate" "example" { certificate_authority_arn = aws_acmpca_certificate_authority.example.arn certificate_signing_request = tls_cert_request.csr.cert_request_pem signing_algorithm = "SHA256WITHRSA" validity { type = "YEARS" value = 1 } }
resource "aws_acmpca_certificate_authority" "example" { type = "ROOT" certificate_authority_configuration { key_algorithm = "RSA_4096" signing_algorithm = "SHA512WITHRSA"
}
permanent_deletion_time_in_days = 7 }
resource "tls_private_key" "key" { algorithm = "RSA" }
resource "tls_cert_request" "csr" { private_key_pem = tls_private_key.key.private_key_pem
subject { common_name = "example" } }
Would you like to implement a fix?
None