Using an encrypted API signing key does not work

[mthmulders]

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

Terraform Version and Provider Version

Terraform v1.8.3
on darwin_arm64
+ provider registry.terraform.io/oracle/oci v5.41.0

Affected Resource(s)

affected_resources = terraform

Terraform Configuration Files

terraform {
  required_providers {
    oci = {
      source  = "oracle/oci"
      version = "~> 5.41.0"
    }
  }
}

provider "oci" {
  tenancy_ocid         = "<redacted>"
  user_ocid            = "<redacted>"
  fingerprint          = "<redacted>"
  private_key_path     = "<redacted>"
  private_key_password = "<redacted>"
  region               = "<redacted>"
}

resource "oci_identity_compartment" "test" {
  compartment_id = "<redacted>"
  description    = "Test"
  name           = "test"
}

Debug Output

n/a

Panic Output

n/a

Expected Behavior

The "test" compartment should be created.

Actual Behavior

Error: 401-NotAuthenticated, Failed to verify the HTTP(S) Signature

Steps to Reproduce

1. Create an API signing key and encrypt it.
2. Extract the public key and register that in the Oracle Cloud dashboard.
3. Configure Terraform as described above.
4. Run terraform apply.

Important Factoids

• I've decrypted the API signing key and removed the private_key_password parameter. Then the test compartment gets creted.
• I've verified that the password in my configuration matches the password to the private key - otherwise I couldn't have decrypt it.

[tf-oci-pub]

Thank you for reporting the issue. We have raised an internal ticket to track this. Our service engineers will get back to you.