GithubHelp home page GithubHelp logo

Comments (6)

vancluever avatar vancluever commented on June 13, 2024 1

@jdelforno the details you provided above lead me to believe that you PANOS expects the PKCS12 content raw versus base64-encoded (the local_file output you've created is basically doing the decoding for you).

I'm loath to include a raw binary output just mainly on part of Terraform lacks a binary type. Rendering binary string data might not be optimal in either output or the JSON state file. Additionally, it'd just be another - largely redundant - encoding of the certificate data.

So I'd recommend just adding the local_file resource to your configuration so that you can decode that way, or use other base64 conversion functions (like base64decode) to get the data where you need it to be.

Thanks!

from terraform-provider-acme.

jdelforno avatar jdelforno commented on June 13, 2024

Confirmed that I can output the pfx via
resource "local_file" "foobar" { filename = "./foobar.pfx" content_base64 = acme_certificate.cert.certificate_p12 }

And then upload the certificate into PANOS. Attempting to add the file directly via panos_certificate_import, fails.

I'm wondering if the issue is related to this: hashicorp/terraform#25777

from terraform-provider-acme.

jdelforno avatar jdelforno commented on June 13, 2024

Thanks @vancluever I gave the base64decode a shot when passing the the argument and received the same issue unfortunately.

I'm hoping the PANOS provider will be updated to accept base64 encoded certs soon(tm)

from terraform-provider-acme.

vancluever avatar vancluever commented on June 13, 2024

@jdelforno I did notice that the PANOS provider uses a different argument for actually accepting "stream" data instead of a file. I guess you tried using the certificate parameter instead of certificate_filename?

(Edit: doing it in the PKCS12 block obviously versus the PEM block).

from terraform-provider-acme.

jdelforno avatar jdelforno commented on June 13, 2024

I tried both at the time, in the end, I switched over my certificate provider and used the PEM block instead and it worked first time =(

from terraform-provider-acme.

vancluever avatar vancluever commented on June 13, 2024

@jdelforno when you say "certificate provider", what are you referring to? Are you still using the ACME provider?

from terraform-provider-acme.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.