Skip to content

[Bug]: Lack of support for intermediate_certificates in netapp-ontap_security_certificate causes installed certificates to be unusable #484

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
alexhoulton opened this issue Apr 30, 2025 · 0 comments
Open

[Bug]: Lack of support for intermediate_certificates in netapp-ontap_security_certificate causes installed certificates to be unusable #484

alexhoulton opened this issue Apr 30, 2025 · 0 comments
Labels
bug Something isn't working
Milestone
2.2.1

Comments

@alexhoulton
Copy link

Terraform Core Version

1.4.4

ONTAP Provider Version

2.1.1

Affected Resource(s)

  • netapp-ontap_security_certificate

Expected Behavior

Installing a certificate that requires intermediate certificates is successful.

Actual Behavior

You cannot chain the certificate and intermediate together in the public_certificate field, as this causes an error.

Relevant Error/Panic Output Snippet

│ error on POST security/certificates: REST reported error
│ restclient.RestError{Code:"52559975", Message:"Failed to read the
│ certificate due to incorrect formatting.", Target:"public_certificate"},
│ statusCode: 400, statusCode 400

Terraform Configuration Files

resource "netapp-ontap_security_certificate" "install_certificate" {
  cx_profile_name = var.netapp_cluster_name
  common_name     = "${var.netapp_cluster_name}"
  type            = "server"

  private_key        = acme_certificate.netapp_tls_cert.private_key_pem
  public_certificate = join("", [
      acme_certificate.netapp_tls_cert.certificate_pem,
      acme_certificate.netapp_tls_cert.issuer_pem
      var.acme_ca_root_cert_pem
    ])
}

Steps to Reproduce

attempt to install the certificate with the intermediate chained into the public_certificate variable

Debug Output

No response

Panic Output

No response

Important Factoids

Certificates that require the intermediate chained to be trusted cannot be utilised through the terraform provider at all, as they are not trusted. Based on the bug criteria, this is unexpected behaviour "If the absense of the requested feature is causing unexpected behavior in the provider", so this was filed under Bug rather than Enhancement.

References

No response

Would you like to implement a fix?

None
@alexhoulton alexhoulton added the bug Something isn't working label Apr 30, 2025
@suhasbshekar suhasbshekar added this to the 2.3.0 milestone May 12, 2025
@suhasbshekar suhasbshekar moved this from Future to 2.3.0 in Terraform for ONTAP Roadmap May 12, 2025
@suhasbshekar suhasbshekar moved this from 2.3.0 to 2.2.1 in Terraform for ONTAP Roadmap May 12, 2025
@suhasbshekar suhasbshekar modified the milestones: 2.3.0, 2.2.1 May 12, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
Terraform for ONTAP Roadmap
Status: 2.2.1
Milestone
2.2.1
2 participants
@alexhoulton @suhasbshekar