Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

(aws_iam_server_certificate) Error when creating SSL Certificate #5158

Closed
gregorskii opened this issue Feb 17, 2016 · 6 comments · Fixed by #5178
Closed

(aws_iam_server_certificate) Error when creating SSL Certificate #5158

gregorskii opened this issue Feb 17, 2016 · 6 comments · Fixed by #5178
Labels
bug provider/aws

Comments

@gregorskii
Copy link

Hi there,

I am getting an error when creating a SSL certificate:

resource "aws_iam_server_certificate" "web-iam-server-ssl-certificate" {
  name = "${format("web_ssl_certificate-%s", "${var.region}")}"
  certificate_body = "${file("${var.ssl_cert_path}")}"
  private_key = "${file("${var.ssl_key_path}")}"
}

Where ssl_key_path, ssl_cert_path are valid and defined in the tfvars.

Error applying plan:

1 error(s) occurred:

* aws_iam_server_certificate.web-iam-server-ssl-certificate: timeout while waiting for state to become '[success]'

Terraform does not automatically rollback in the face of errors.
Instead, your Terraform state file has been partially updated with
any resources that successfully completed. Please address the error
above and apply again to incrementally change your infrastructure.
Terraform apply failed

Using Terraform 0.6.11
@catsby
Copy link
Contributor

catsby commented Feb 17, 2016

Hey @gregorskii ! Is there any more context you can provide for me here? I'm unable to reproduce this in a new create operation, specifically. I can reproduce a similar error when I'm trying to update an existing SSL cert that is currently in use. Any chance you're doing something similar?

@gregorskii
Copy link
Author

Yes that is likely what was happening. The SSL was created by TF attached to a ELB. I was not changing the SSL contents at all, it appeard that when using the file() process it was reading a new value (or what was on AWS was invalid).

I was only able to disassociate the SSL from the LB in the console website.

Would it be possible for TF to disassociate the SSL from the LB while it updates it? Or create a new resource and swap it?

@catsby catsby mentioned this issue Feb 17, 2016
Merged
@catsby
Copy link
Contributor

catsby commented Feb 17, 2016

Hey @gregorskii – yeah the typical work around here is to employ the create_before_destroy lifecycle block. In order for that to work though, the resource may need an auto-generated name to avoid name conflicts, which aws_iam_server_certificate doesn't, until #5178 gets merged 😄

@gregorskii
Copy link
Author

Ok thank you, I have found a temporary workaround.

I will wait for that ticket to be merged. Feel free to keep this open or close it.

Thanks!

@catsby
Copy link
Contributor

catsby commented Feb 17, 2016

Thanks for the follow ups!

@ghost
Copy link

ghost commented Apr 28, 2020

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@ghost ghost locked and limited conversation to collaborators Apr 28, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
bug provider/aws
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

provider/aws: Update IAM Server Cert hashicorp/terraform
3 participants
@catsby @stack72 @gregorskii