-
Notifications
You must be signed in to change notification settings - Fork 8.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Bug]: aws_acm_certificate error "certificate field contains more than one certificate" #37537
Comments
Community NoteVoting for Prioritization
Volunteering to Work on This Issue
|
As an added note, I am able to import this certificate via both the AWS console, and the aws cli, using the same strings and files without an issue. |
Hey @reskin89 👋 Thank you for taking the time to raise this! Are you able to supply a bit more of the debug logging over, redacted as needed? Having a bit more context (specifically around the request/response) may reveal the underlying issue. |
@justinretzolk what I provided is all the debug I have regarding the acm request, its very sparse. |
Today I wasted a few hours trying to find out what was wrong with my Terraform code. I kept receiving the same error:
My value of I'm running AWS provider v5.50.0 with Terraform v1.8.1 |
It appears that the issue is not with the terraform-provider-aws but with the ACM API itself, which can be quite particular. If you take a PEM certificate and remove all line breaks, ACM might (and I emphasize might) not accept it. This issue can occur even when importing a certificate using the AWS Console. The workaround I found to ensure ACM accepts all certificates involves using Base64 encoding/decoding:
Base64 is designed to transmit binary data across channels that only reliably support text, making it particularly useful in this ACM scenario. |
Hmmm, seems like something that should be in the docs or handled by the provider. I'll try to make a docs PR, I can't imagine I'm the only one that's encountered this however, the fact that I could take the same file contents in the AWS console and via the AWS CLI (which uses the api under the hood anyway) didn't have an issue, which is why I think there may be something extra the provider did that damaged the format |
In my case, not even the AWS Console was accepting my PEM file! A docs PR would be great! |
Terraform Core Version
1.6.6
AWS Provider Version
5.49.0
Affected Resource(s)
aws_acm_certificate resource is provided either a single line escaped string, or a
file()
call to a pem encoded certificate, returns the following error when importing a certificate:api error ValidationException: The certificate field contains more than one certificate. You can specify only one certificate in this field.
This error is also returned when
private_key
andcertificate_body
are both empty strings, denoting a deeper issue afoot.Expected Behavior
The ACM Certificate should be imported int AWS ACM.
Actual Behavior
An error stating I've provided multiple certificates when I have not.
Relevant Error/Panic Output Snippet
This is the only error in the debug, its coming back from AWS but I'm wondering how its getting to AWS improperly.
Terraform Configuration Files
have also attempted writing them to files like so:
Steps to Reproduce
Import an SSL certificate via the aws_acm_certificate resource
Debug Output
2024-05-15T15:11:46.359Z [ERROR] vertex "aws_acm_certificate.cert" error: importing ACM Certificate: operation error ACM: ImportCertificate, https response error StatusCode: 400, RequestID: 0ed51563-f2bf-40b7-9277-2f655896912d, api error ValidationException: The certificate field contains more than one certificate. You can specify only one certificate in this field.
Panic Output
No response
Important Factoids
No response
References
No response
Would you like to implement a fix?
None
The text was updated successfully, but these errors were encountered: