Update resource_certificate_local.go - change private_key from required to optional#393
Open
endmon wants to merge 1 commit intofortinetdev:mainfrom
Open
Update resource_certificate_local.go - change private_key from required to optional#393endmon wants to merge 1 commit intofortinetdev:mainfrom
endmon wants to merge 1 commit intofortinetdev:mainfrom
Conversation
Update resource_certificate_local.go - change private_key from required to optional
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
To create ACME certificate on multi-vdom installation, the ressource needed is "certificate local" https://community.fortinet.com/t5/FortiGate/Technical-Tip-Creating-ACME-Certificates-via-CLI-on-Multiple/ta-p/285479
instead of "vpn certificate local" on Standalone vdom installation.
But in the ressource "fortios_certificate_local", the attribute private_key is required. The pricate_key is not needed to create ACME certificate (private-key is unset on Fortios when a ACME certificate is created). And in fortios_vpncertificate_local, the attribute private_key is optional .
To get around the problem, I put in a fake private_key, which isn't used anyway when you do ACME.