Comments (6)
@jdelforno the details you provided above lead me to believe that you PANOS expects the PKCS12 content raw versus base64-encoded (the local_file
output you've created is basically doing the decoding for you).
I'm loath to include a raw binary output just mainly on part of Terraform lacks a binary type. Rendering binary string data might not be optimal in either output or the JSON state file. Additionally, it'd just be another - largely redundant - encoding of the certificate data.
So I'd recommend just adding the local_file
resource to your configuration so that you can decode that way, or use other base64 conversion functions (like base64decode
) to get the data where you need it to be.
Thanks!
from terraform-provider-acme.
Confirmed that I can output the pfx via
resource "local_file" "foobar" { filename = "./foobar.pfx" content_base64 = acme_certificate.cert.certificate_p12 }
And then upload the certificate into PANOS. Attempting to add the file directly via panos_certificate_import, fails.
I'm wondering if the issue is related to this: hashicorp/terraform#25777
from terraform-provider-acme.
Thanks @vancluever I gave the base64decode a shot when passing the the argument and received the same issue unfortunately.
I'm hoping the PANOS provider will be updated to accept base64 encoded certs soon(tm)
from terraform-provider-acme.
@jdelforno I did notice that the PANOS provider uses a different argument for actually accepting "stream" data instead of a file. I guess you tried using the certificate
parameter instead of certificate_filename
?
(Edit: doing it in the PKCS12 block obviously versus the PEM block).
from terraform-provider-acme.
I tried both at the time, in the end, I switched over my certificate provider and used the PEM block instead and it worked first time =(
from terraform-provider-acme.
@jdelforno when you say "certificate provider", what are you referring to? Are you still using the ACME provider?
from terraform-provider-acme.
Related Issues (20)
- last error: could not determine the zone: unexpected response code 'SERVFAIL' HOT 11
- cloudflare: could not find the start of authority for _acme-challenge HOT 1
- [Q] Is new private key created with certificate renewal? HOT 1
- Documentation Missppelling HOT 2
- Certificate renovation HOT 1
- Add Support for DNS Flexible Engine Cloud Provider HOT 2
- Question: Is it possible to automate the renewal process e.g. with Lambda? How? HOT 1
- Cannot perform DNS challenge over Azure HOT 2
- Erorr initializing provider: MSI not available HOT 1
- Can we have an option to not do domain validation? HOT 5
- Azure provider credentials being override for environment variables HOT 2
- recursive_nameservers attribute is not respected HOT 11
- Azure DNS provider variables map HOT 5
- Upon creating or renewing a certificate, hundreds of records are deleted from dnsmadeeasy HOT 9
- Add new DNS provider `azuredns` to support new Azure authentication methods HOT 6
- Adding HTTP (s3) Verification HOT 9
- acme: error: 403 :: POST : An account with the provided public key exists but is deactivated HOT 3
- Not able to generate acme certificate by using oraclecloud dns provider HOT 14
- Terraform Destroy is causing error HOT 5
- Generating Certificates works on 2.15.1 (acme-certificate) but not anymore on 2.17 HOT 5
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from terraform-provider-acme.