Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Error updating VpnCertificateLocal resource: Internal Server Error #301

Open
freidenker opened this issue Oct 24, 2023 · 3 comments
Open

Comments

@freidenker
Copy link

freidenker commented Oct 24, 2023

- Internal error when processing the request (500) │ Cli response: │ Input is not a valid/matched certificate. │ node_check_object fail!


Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following
symbols:
  ~ update in-place

Terraform will perform the following actions:

  # fortios_vpncertificate_local.main will be updated in-place
  ~ resource "fortios_vpncertificate_local" "main" {
      ~ certificate                  = (sensitive value)
        id                           = "system-ssl-cert"
        name                         = "system-ssl-cert"
      ~ private_key                  = (sensitive value)
        # (14 unchanged attributes hidden)
    }

Plan: 0 to add, 1 to change, 0 to destroy.

Changes to Outputs:
  - cert = (sensitive value) -> null

Do you want to perform these actions?
  Terraform will perform the actions described above.
  Only 'yes' will be accepted to approve.

  Enter a value: yes

fortios_vpncertificate_local.main: Modifying... [id=system-ssl-cert]
╷
│ Error: Error updating VpnCertificateLocal resource: Internal Server Error - Internal error when processing the request (500)
│ Cli response:
│ Input is not a valid/matched certificate.
│ node_check_object fail! for certificate -----BEGIN CERTIFICATE-----
 previous certificate body
 previous certificate body
 previous certificate body
 previous certificate body
 previous certificate body
 previous certificate body
│ -----END CERTIFICATE-----
│
│ value parse error before '-----BEGIN CERTIFICATE-----
│ MIIGNDCCB
│ Command fail. Return code -651
│
│
│   with fortios_vpncertificate_local.main,
│   on 10-system.tf line 19, in resource "fortios_vpncertificate_local" "main":
│   19: resource "fortios_vpncertificate_local" "main" {

FortiOS provider version:

    fortios = {
      source  = "fortinetdev/fortios"
      version = "1.18.0"
    }

Fortigate Information:

FortiGate-VM64-AWS
v7.2.5 build1517 (Feature)

resource fortios_vpncertificate_local definition:

resource "fortios_vpncertificate_local" "main" {
  name        = "system-ssl-cert"
  range       = "global"
  source      = "user"
  private_key = local.privateKey
  certificate = local.certificateBody
}
@MaxxLiu22
Copy link

Hi @freidenker ,

Thank you for raising this issue, there is some issue around fortios_vpncertificate_local resource API, we suggest using fortios_json_generic_api as a workaround solution, example, let me know if that doesn't work for you.

Thanks,
Maxx

@freidenker
Copy link
Author

Hi @freidenker ,

Thank you for raising this issue, there is some issue around fortios_vpncertificate_local resource API, we suggest using fortios_json_generic_api as a workaround solution, example, let me know if that doesn't work for you.

Thanks, Maxx

Hi Maxx, I didn't choose generic api because it's not a stateful resource, i wish to rotate my certificates in the future with fortios_vpncertificate_local. anyway, thank you very much!

@MaxxLiu22
Copy link

Hi @freidenker ,

We understand your concern and will continue to investigate this issue, once there is any update, I will let you know.

Thanks,
Maxx

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants