Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

400 errors while creating cloudflare_custom_ssl resource #1472

Closed
2 tasks done
ggramal opened this issue Feb 18, 2022 · 1 comment · Fixed by #2319
Closed
2 tasks done

400 errors while creating cloudflare_custom_ssl resource #1472

ggramal opened this issue Feb 18, 2022 · 1 comment · Fixed by #2319
Labels
kind/bug Categorizes issue or PR as related to a bug. service/tls Categorizes issue or PR as related to the TLS services. triage/accepted Indicates an issue or PR is ready to be actively worked on.
Milestone
v4.3.0

Comments

@ggramal
Copy link

ggramal commented Feb 18, 2022

Confirmation

  • My issue isn't already found on the issue tracker.
  • I have replicated my issue using the latest version of the provider and it is still present.

Terraform and Cloudflare provider version

Terraform v1.0.9
on linux_amd64

  • provider registry.terraform.io/cloudflare/cloudflare v3.9.1
  • provider registry.terraform.io/hashicorp/google v4.11.0

Affected resource(s)

cloudflare_custom_ssl

Terraform configuration files

terraform {
  required_providers {
    cloudflare = {
      source  = "cloudflare/cloudflare"
    }
  }
  backend "local" {
    path = "./123"
  }
}

provider "cloudflare" {
  email   = var.cloudflare_email
  api_key = var.cloudflare_api_key
}

variable "cloudflare_email" {
  description = "The email associated with the account"
  type        = string
}

variable "cloudflare_api_key" {
  description = "The Cloudflare API key"
  type        = string
}

resource "cloudflare_custom_ssl" "certificate" {
  zone_id  = "1234567890abcdef123456789abcdef"
  custom_ssl_options {
    certificate   = <<EOT
-----BEGIN CERTIFICATE-----
-----END CERTIFICATE-----
EOT
    private_key   = <<EOT
-----BEGIN EC PRIVATE KEY-----
-----END EC PRIVATE KEY-----
EOT
  }
}

Debug output

2022-02-18T15:34:53.710+0300 [DEBUG] Adding temp file log sink: /tmp/terraform-log079072113
2022-02-18T15:34:53.710+0300 [INFO]  Terraform version: 1.0.9
2022-02-18T15:34:53.710+0300 [INFO]  Go runtime version: go1.16.4
2022-02-18T15:34:53.710+0300 [INFO]  CLI args: []string{"/home/gramal/Cardlay/gitlab/terraform-tools/terraform", "apply"}
2022-02-18T15:34:53.710+0300 [DEBUG] Attempting to open CLI config file: /home/gramal/.terraformrc
2022-02-18T15:34:53.710+0300 [DEBUG] File doesn't exist, but doesn't need to. Ignoring.
2022-02-18T15:34:53.710+0300 [DEBUG] ignoring non-existing provider search directory terraform.d/plugins
2022-02-18T15:34:53.710+0300 [DEBUG] ignoring non-existing provider search directory /home/gramal/.terraform.d/plugins
2022-02-18T15:34:53.710+0300 [DEBUG] ignoring non-existing provider search directory /home/gramal/.local/share/terraform/plugins
2022-02-18T15:34:53.710+0300 [DEBUG] ignoring non-existing provider search directory /usr/share/ubuntu/terraform/plugins
2022-02-18T15:34:53.710+0300 [DEBUG] ignoring non-existing provider search directory /usr/local/share/terraform/plugins
2022-02-18T15:34:53.710+0300 [DEBUG] ignoring non-existing provider search directory /usr/share/terraform/plugins
2022-02-18T15:34:53.710+0300 [DEBUG] ignoring non-existing provider search directory /var/lib/snapd/desktop/terraform/plugins
2022-02-18T15:34:53.710+0300 [INFO]  CLI command args: []string{"apply"}
2022-02-18T15:34:53.765+0300 [DEBUG] checking for provisioner in "."
2022-02-18T15:34:53.766+0300 [DEBUG] checking for provisioner in "/home/gramal/Cardlay/gitlab/terraform-tools"
2022-02-18T15:34:53.766+0300 [INFO]  Failed to read plugin lock file .terraform/plugins/linux_amd64/lock.json: open .terraform/plugins/linux_amd64/lock.json: no such file or directory
2022-02-18T15:34:53.766+0300 [INFO]  backend/local: starting Apply operation
2022-02-18T15:34:53.767+0300 [DEBUG] created provider logger: level=debug
2022-02-18T15:34:53.767+0300 [INFO]  provider: configuring client automatic mTLS
2022-02-18T15:34:53.802+0300 [DEBUG] provider: starting plugin: path=.terraform/providers/registry.terraform.io/cloudflare/cloudflare/3.9.1/linux_amd64/terraform-provider-cloudflare_v3.9.1 args=[.terraform/providers/registry.terraform.io/cloudflare/cloudflare/3.9.1/linux_amd64/terraform-provider-cloudflare_v3.9.1]
2022-02-18T15:34:53.803+0300 [DEBUG] provider: plugin started: path=.terraform/providers/registry.terraform.io/cloudflare/cloudflare/3.9.1/linux_amd64/terraform-provider-cloudflare_v3.9.1 pid=8966
2022-02-18T15:34:53.803+0300 [DEBUG] provider: waiting for RPC address: path=.terraform/providers/registry.terraform.io/cloudflare/cloudflare/3.9.1/linux_amd64/terraform-provider-cloudflare_v3.9.1
2022-02-18T15:34:53.808+0300 [INFO]  provider.terraform-provider-cloudflare_v3.9.1: configuring server automatic mTLS: timestamp=2022-02-18T15:34:53.808+0300
2022-02-18T15:34:53.817+0300 [DEBUG] provider.terraform-provider-cloudflare_v3.9.1: plugin address: address=/tmp/plugin2018355193 network=unix timestamp=2022-02-18T15:34:53.817+0300
2022-02-18T15:34:53.817+0300 [DEBUG] provider: using plugin: version=5
2022-02-18T15:34:53.856+0300 [DEBUG] provider.stdio: received EOF, stopping recv loop: err="rpc error: code = Unavailable desc = transport is closing"
2022-02-18T15:34:53.857+0300 [DEBUG] provider: plugin process exited: path=.terraform/providers/registry.terraform.io/cloudflare/cloudflare/3.9.1/linux_amd64/terraform-provider-cloudflare_v3.9.1 pid=8966
2022-02-18T15:34:53.857+0300 [DEBUG] provider: plugin exited
2022-02-18T15:34:53.857+0300 [INFO]  terraform: building graph: GraphTypeValidate
2022-02-18T15:34:53.857+0300 [DEBUG] ProviderTransformer: "cloudflare_custom_ssl.certificate" (*terraform.NodeValidatableResource) needs provider["registry.terraform.io/cloudflare/cloudflare"]
2022-02-18T15:34:53.857+0300 [DEBUG] ReferenceTransformer: "cloudflare_custom_ssl.certificate" references: []
2022-02-18T15:34:53.857+0300 [DEBUG] ReferenceTransformer: "var.cloudflare_email" references: []
2022-02-18T15:34:53.857+0300 [DEBUG] ReferenceTransformer: "var.cloudflare_api_key" references: []
2022-02-18T15:34:53.857+0300 [DEBUG] ReferenceTransformer: "provider[\"registry.terraform.io/cloudflare/cloudflare\"]" references: [var.cloudflare_api_key var.cloudflare_email]
2022-02-18T15:34:53.858+0300 [DEBUG] Starting graph walk: walkValidate
2022-02-18T15:34:53.858+0300 [DEBUG] created provider logger: level=debug
2022-02-18T15:34:53.858+0300 [INFO]  provider: configuring client automatic mTLS
2022-02-18T15:34:53.894+0300 [DEBUG] provider: starting plugin: path=.terraform/providers/registry.terraform.io/cloudflare/cloudflare/3.9.1/linux_amd64/terraform-provider-cloudflare_v3.9.1 args=[.terraform/providers/registry.terraform.io/cloudflare/cloudflare/3.9.1/linux_amd64/terraform-provider-cloudflare_v3.9.1]
2022-02-18T15:34:53.894+0300 [DEBUG] provider: plugin started: path=.terraform/providers/registry.terraform.io/cloudflare/cloudflare/3.9.1/linux_amd64/terraform-provider-cloudflare_v3.9.1 pid=8978
2022-02-18T15:34:53.894+0300 [DEBUG] provider: waiting for RPC address: path=.terraform/providers/registry.terraform.io/cloudflare/cloudflare/3.9.1/linux_amd64/terraform-provider-cloudflare_v3.9.1
2022-02-18T15:34:53.898+0300 [INFO]  provider.terraform-provider-cloudflare_v3.9.1: configuring server automatic mTLS: timestamp=2022-02-18T15:34:53.898+0300
2022-02-18T15:34:53.908+0300 [DEBUG] provider.terraform-provider-cloudflare_v3.9.1: plugin address: address=/tmp/plugin3116546175 network=unix timestamp=2022-02-18T15:34:53.908+0300
2022-02-18T15:34:53.908+0300 [DEBUG] provider: using plugin: version=5
2022-02-18T15:34:53.952+0300 [DEBUG] provider.stdio: received EOF, stopping recv loop: err="rpc error: code = Unavailable desc = transport is closing"
2022-02-18T15:34:53.953+0300 [DEBUG] provider: plugin process exited: path=.terraform/providers/registry.terraform.io/cloudflare/cloudflare/3.9.1/linux_amd64/terraform-provider-cloudflare_v3.9.1 pid=8978
2022-02-18T15:34:53.953+0300 [DEBUG] provider: plugin exited
2022-02-18T15:34:53.953+0300 [INFO]  backend/local: apply calling Plan
2022-02-18T15:34:53.953+0300 [INFO]  terraform: building graph: GraphTypePlan
2022-02-18T15:34:53.953+0300 [DEBUG] ProviderTransformer: "cloudflare_custom_ssl.certificate (expand)" (*terraform.nodeExpandPlannableResource) needs provider["registry.terraform.io/cloudflare/cloudflare"]
2022-02-18T15:34:53.953+0300 [DEBUG] ReferenceTransformer: "cloudflare_custom_ssl.certificate (expand)" references: []
2022-02-18T15:34:53.953+0300 [DEBUG] ReferenceTransformer: "var.cloudflare_api_key" references: []
2022-02-18T15:34:53.953+0300 [DEBUG] ReferenceTransformer: "var.cloudflare_email" references: []
2022-02-18T15:34:53.953+0300 [DEBUG] ReferenceTransformer: "provider[\"registry.terraform.io/cloudflare/cloudflare\"]" references: [var.cloudflare_api_key var.cloudflare_email]
2022-02-18T15:34:53.954+0300 [DEBUG] Starting graph walk: walkPlan
2022-02-18T15:34:53.954+0300 [DEBUG] created provider logger: level=debug
2022-02-18T15:34:53.954+0300 [INFO]  provider: configuring client automatic mTLS
2022-02-18T15:34:53.990+0300 [DEBUG] provider: starting plugin: path=.terraform/providers/registry.terraform.io/cloudflare/cloudflare/3.9.1/linux_amd64/terraform-provider-cloudflare_v3.9.1 args=[.terraform/providers/registry.terraform.io/cloudflare/cloudflare/3.9.1/linux_amd64/terraform-provider-cloudflare_v3.9.1]
2022-02-18T15:34:53.990+0300 [DEBUG] provider: plugin started: path=.terraform/providers/registry.terraform.io/cloudflare/cloudflare/3.9.1/linux_amd64/terraform-provider-cloudflare_v3.9.1 pid=8991
2022-02-18T15:34:53.990+0300 [DEBUG] provider: waiting for RPC address: path=.terraform/providers/registry.terraform.io/cloudflare/cloudflare/3.9.1/linux_amd64/terraform-provider-cloudflare_v3.9.1
2022-02-18T15:34:53.995+0300 [INFO]  provider.terraform-provider-cloudflare_v3.9.1: configuring server automatic mTLS: timestamp=2022-02-18T15:34:53.995+0300
2022-02-18T15:34:54.004+0300 [DEBUG] provider.terraform-provider-cloudflare_v3.9.1: plugin address: network=unix address=/tmp/plugin2712776597 timestamp=2022-02-18T15:34:54.004+0300
2022-02-18T15:34:54.004+0300 [DEBUG] provider: using plugin: version=5
2022-02-18T15:34:54.045+0300 [WARN]  ValidateProviderConfig from "provider[\"registry.terraform.io/cloudflare/cloudflare\"]" changed the config value, but that value is unused
2022-02-18T15:34:54.045+0300 [INFO]  provider.terraform-provider-cloudflare_v3.9.1: 2022/02/18 15:34:54 [INFO] Cloudflare Client configured for user: [email protected]: timestamp=2022-02-18T15:34:54.045+0300
2022-02-18T15:34:54.046+0300 [DEBUG] Resource instance state not found for node "cloudflare_custom_ssl.certificate", instance cloudflare_custom_ssl.certificate
2022-02-18T15:34:54.046+0300 [DEBUG] ReferenceTransformer: "cloudflare_custom_ssl.certificate" references: []
2022-02-18T15:34:54.046+0300 [DEBUG] refresh: cloudflare_custom_ssl.certificate: no state, so not refreshing
2022-02-18T15:34:54.048+0300 [DEBUG] provider.stdio: received EOF, stopping recv loop: err="rpc error: code = Unavailable desc = transport is closing"
2022-02-18T15:34:54.049+0300 [DEBUG] provider: plugin process exited: path=.terraform/providers/registry.terraform.io/cloudflare/cloudflare/3.9.1/linux_amd64/terraform-provider-cloudflare_v3.9.1 pid=8991
2022-02-18T15:34:54.049+0300 [DEBUG] provider: plugin exited

Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following
symbols:
  + create

Terraform will perform the following actions:

  # cloudflare_custom_ssl.certificate will be created
  + resource "cloudflare_custom_ssl" "certificate" {
      + expires_on  = (known after apply)
      + hosts       = (known after apply)
      + id          = (known after apply)
      + issuer      = (known after apply)
      + modified_on = (known after apply)
      + priority    = (known after apply)
      + signature   = (known after apply)
      + status      = (known after apply)
      + uploaded_on = (known after apply)
      + zone_id     = "1234567890abcdef123456789abcdef"


      + custom_ssl_options {
          + certificate = <<-EOT
                -----BEGIN CERTIFICATE-----

                -----END CERTIFICATE-----
            EOT
          + private_key = (sensitive value)
        }
    }

Plan: 1 to add, 0 to change, 0 to destroy.
2022-02-18T15:34:54.050+0300 [DEBUG] command: asking for input: "\nDo you want to perform these actions?"

Do you want to perform these actions?
  Terraform will perform the actions described above.
  Only 'yes' will be accepted to approve.

  Enter a value: yes

2022-02-18T15:35:03.039+0300 [INFO]  backend/local: apply calling Apply
2022-02-18T15:35:03.040+0300 [INFO]  terraform: building graph: GraphTypeApply
2022-02-18T15:35:03.040+0300 [DEBUG] Resource state not found for node "cloudflare_custom_ssl.certificate", instance cloudflare_custom_ssl.certificate
2022-02-18T15:35:03.041+0300 [DEBUG] ProviderTransformer: "cloudflare_custom_ssl.certificate" (*terraform.NodeApplyableResourceInstance) needs provider["registry.terraform.io/cloudflare/cloudflare"]
2022-02-18T15:35:03.041+0300 [DEBUG] ProviderTransformer: "cloudflare_custom_ssl.certificate (expand)" (*terraform.nodeExpandApplyableResource) needs provider["registry.terraform.io/cloudflare/cloudflare"]
2022-02-18T15:35:03.042+0300 [DEBUG] ReferenceTransformer: "cloudflare_custom_ssl.certificate (expand)" references: []
2022-02-18T15:35:03.042+0300 [DEBUG] ReferenceTransformer: "var.cloudflare_email" references: []
2022-02-18T15:35:03.042+0300 [DEBUG] ReferenceTransformer: "var.cloudflare_api_key" references: []
2022-02-18T15:35:03.043+0300 [DEBUG] ReferenceTransformer: "cloudflare_custom_ssl.certificate" references: []
2022-02-18T15:35:03.043+0300 [DEBUG] ReferenceTransformer: "provider[\"registry.terraform.io/cloudflare/cloudflare\"]" references: [var.cloudflare_api_key var.cloudflare_email]
2022-02-18T15:35:03.045+0300 [DEBUG] Starting graph walk: walkApply
2022-02-18T15:35:03.046+0300 [DEBUG] created provider logger: level=debug
2022-02-18T15:35:03.047+0300 [INFO]  provider: configuring client automatic mTLS
2022-02-18T15:35:03.116+0300 [DEBUG] provider: starting plugin: path=.terraform/providers/registry.terraform.io/cloudflare/cloudflare/3.9.1/linux_amd64/terraform-provider-cloudflare_v3.9.1 args=[.terraform/providers/registry.terraform.io/cloudflare/cloudflare/3.9.1/linux_amd64/terraform-provider-cloudflare_v3.9.1]
2022-02-18T15:35:03.116+0300 [DEBUG] provider: plugin started: path=.terraform/providers/registry.terraform.io/cloudflare/cloudflare/3.9.1/linux_amd64/terraform-provider-cloudflare_v3.9.1 pid=9005
2022-02-18T15:35:03.117+0300 [DEBUG] provider: waiting for RPC address: path=.terraform/providers/registry.terraform.io/cloudflare/cloudflare/3.9.1/linux_amd64/terraform-provider-cloudflare_v3.9.1
2022-02-18T15:35:03.122+0300 [INFO]  provider.terraform-provider-cloudflare_v3.9.1: configuring server automatic mTLS: timestamp=2022-02-18T15:35:03.122+0300
2022-02-18T15:35:03.133+0300 [DEBUG] provider: using plugin: version=5
2022-02-18T15:35:03.134+0300 [DEBUG] provider.terraform-provider-cloudflare_v3.9.1: plugin address: address=/tmp/plugin2696441177 network=unix timestamp=2022-02-18T15:35:03.133+0300
2022-02-18T15:35:03.183+0300 [WARN]  ValidateProviderConfig from "provider[\"registry.terraform.io/cloudflare/cloudflare\"]" changed the config value, but that value is unused
2022-02-18T15:35:03.184+0300 [INFO]  provider.terraform-provider-cloudflare_v3.9.1: 2022/02/18 15:35:03 [INFO] Cloudflare Client configured for user: [email protected]: timestamp=2022-02-18T15:35:03.184+0300
cloudflare_custom_ssl.certificate: Creating...
2022-02-18T15:35:03.186+0300 [INFO]  Starting apply for cloudflare_custom_ssl.certificate
2022-02-18T15:35:03.186+0300 [DEBUG] cloudflare_custom_ssl.certificate: applying the planned Create change
2022-02-18T15:35:03.187+0300 [INFO]  provider.terraform-provider-cloudflare_v3.9.1: 2022/02/18 15:35:03 [DEBUG] setting computed for "hosts" from ComputedKeys: timestamp=2022-02-18T15:35:03.187+0300
2022-02-18T15:35:03.187+0300 [INFO]  provider.terraform-provider-cloudflare_v3.9.1: 2022/02/18 15:35:03 [DEBUG] zone ID: 1234567890abcdef123456789abcdef: timestamp=2022-02-18T15:35:03.187+0300
2022-02-18T15:35:03.187+0300 [INFO]  provider.terraform-provider-cloudflare_v3.9.1: 2022/02/18 15:35:03 [DEBUG] Custom SSL options found in config: []interface {}{map[string]interface {}{"bundle_method":"", "certificate":"-----BEGIN CERTIFICATE-----....-----END CERTIFICATE-----", "geo_restrictions":"", "private_key":"-----BEGIN EC PRIVATE KEY-----....-----END EC PRIVATE KEY-----\n", "type":""}}: timestamp=2022-02-18T15:35:03.187+0300
2022-02-18T15:35:03.188+0300 [INFO]  provider.terraform-provider-cloudflare_v3.9.1: 2022/02/18 15:35:03 [DEBUG] Custom SSL JSON: {"bundle_method":"","certificate":"-----BEGIN CERTIFICATE-----.....-----END CERTIFICATE-----","geo_restrictions":{"label":""},"private_key":"-----BEGIN EC PRIVATE KEY-----....-----END EC PRIVATE KEY-----\n","type":""}: timestamp=2022-02-18T15:35:03.187+0300
2022-02-18T15:35:03.188+0300 [INFO]  provider.terraform-provider-cloudflare_v3.9.1: 2022/02/18 15:35:03 [DEBUG] Custom SSL options creating: cloudflare.ZoneCustomSSLOptions{Certificate:"-----BEGIN CERTIFICATE-----....-----END CERTIFICATE-----", PrivateKey:"-----BEGIN EC PRIVATE KEY-----....-----END EC PRIVATE KEY-----\n", BundleMethod:"", GeoRestrictions:(*cloudflare.ZoneCustomSSLGeoRestrictions)(0xc000385430), Type:""}: timestamp=2022-02-18T15:35:03.188+0300
2022-02-18T15:35:03.188+0300 [INFO]  provider.terraform-provider-cloudflare_v3.9.1: 2022/02/18 15:35:03 [DEBUG] Cloudflare API Request Details:
---[ REQUEST ]---------------------------------------
POST /client/v4/zones/1234567890abcdef123456789abcdef/custom_certificates HTTP/1.1
Host: api.cloudflare.com
User-Agent: terraform/1.0.9 terraform-plugin-sdk/2.10.1 terraform-provider-cloudflare/3.9.1
Content-Length: 6355
Content-Type: application/json
X-Auth-Email: [email protected]
X-Auth-Key: 1111111111111111111111111111111111111
Accept-Encoding: gzip

{
 "certificate": "-----BEGIN CERTIFICATE-----......-----END CERTIFICATE-----",
 "private_key": "-----BEGIN EC PRIVATE KEY--......-------END EC PRIVATE KEY-----\n",
 "geo_restrictions": {
  "label": ""
 }
}
-----------------------------------------------------: timestamp=2022-02-18T15:35:03.188+0300
2022-02-18T15:35:08.603+0300 [INFO]  provider.terraform-provider-cloudflare_v3.9.1: 2022/02/18 15:35:08 [DEBUG] Cloudflare API Response Details:
---[ RESPONSE ]--------------------------------------
HTTP/2.0 400 Bad Request
Connection: close
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Cf-Cache-Status: DYNAMIC
Cf-Ray: 6df74b20280c78f1-MSQ
Content-Type: application/json
Date: Fri, 18 Feb 2022 12:35:08 GMT
Expect-Ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Expires: Sun, 25 Jan 1981 05:00:00 GMT
Pragma: no-cache
Server: cloudflare
Set-Cookie: __cflb=; SameSite=Lax; path=/; expires=Fri, 18-Feb-22 15:05:09 GMT; HttpOnly
Set-Cookie: __cfruid=; path=/; domain=.api.cloudflare.com; HttpOnly; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN

{
 "success": false,
 "errors": [
  {
   "code": 2001,
   "message": "Could not complete the requested operation. Invalid or missing parameters."
  }
 ],
 "messages": [],
 "result": null
}
-----------------------------------------------------: timestamp=2022-02-18T15:35:08.603+0300
╷
│ Error: failed to create custom ssl cert: HTTP status 400: Could not complete the requested operation. Invalid or missing parameters. (2001)
│ 
│   with cloudflare_custom_ssl.certificate,
│   on main.tf line 27, in resource "cloudflare_custom_ssl" "certificate":
│   27: resource "cloudflare_custom_ssl" "certificate" {
│ 
╵
2022-02-18T15:35:08.625+0300 [DEBUG] provider.stdio: received EOF, stopping recv loop: err="rpc error: code = Unavailable desc = transport is closing"
2022-02-18T15:35:08.629+0300 [DEBUG] provider: plugin process exited: path=.terraform/providers/registry.terraform.io/cloudflare/cloudflare/3.9.1/linux_amd64/terraform-provider-cloudflare_v3.9.1 pid=9005
2022-02-18T15:35:08.629+0300 [DEBUG] provider: plugin exited

Panic output

No response

Expected output

Custom ssl certificate is created

Actual output

Error: failed to create custom ssl cert: HTTP status 400: Could not complete the requested operation. Invalid or missing parameters. (2001)

Steps to reproduce

  1. Create a thirdparty certificate (lets encrypt?)
  2. Copy the above tf configuration file (adjust zone_id,certificate,private_key,cloudflare_email,cloudflare_api_key)
  3. Apply

Additional factoids

  1. I get the same 400 error if im trying to call the API directly via curl
curl -s -X POST "https://api.cloudflare.com/client/v4/zones/1234567890abcdef123456789abcdef/custom_certificates" -H "Content-Type:application/json" -H "X-Auth-Key: 1111111111111111111111111111111111111" -H "X-Auth-Email: [email protected]" -d '{ "certificate": "-----BEGIN CERTIFICATE-----....-----END CERTIFICATE-----", "private_key": "-----BEGIN EC PRIVATE KEY-----....-----END EC PRIVATE KEY-----", "geo_restrictions": {"label": ""}}'
  1. BUT if i omit geo_restrictions": {"label": ""} the API call successfully finishes
  2. We have China Network enabled

References

No response
@ggramal ggramal added kind/bug Categorizes issue or PR as related to a bug. needs-triage Indicates an issue or PR lacks a `triage/foo` label and requires one. labels Feb 18, 2022
@jacobbednarz jacobbednarz added triage/accepted Indicates an issue or PR is ready to be actively worked on. service/tls Categorizes issue or PR as related to the TLS services. and removed needs-triage Indicates an issue or PR lacks a `triage/foo` label and requires one. labels May 13, 2022
This was referenced Mar 23, 2023
Merged
Closed
nickysemenza added a commit to nickysemenza/terraform-provider-cloudflare that referenced this issue Mar 23, 2023
@nickysemenza
when geo_restrictions aren't set, set as nil and not empty string
07a8305 
previously, we would send `geo_restrictions":{"label":""}`, now we won't send anything at all.

Resolves cloudflare#2318

```release-note:bug
resource/cloudflare_custom_ssl: fix json sent to API when geo_restrictions are not used (cloudflare#1472, cloudflare#2318)
```
@github-actions github-actions bot added this to the v4.3.0 milestone Mar 24, 2023
@github-actions
Copy link
Contributor

github-actions bot commented Apr 4, 2023

This functionality has been released in v4.3.0 of the Terraform Cloudflare Provider.

Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.

For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template. Thank you!

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Apr 4, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
kind/bug Categorizes issue or PR as related to a bug. service/tls Categorizes issue or PR as related to the TLS services. triage/accepted Indicates an issue or PR is ready to be actively worked on.
Projects
None yet
Milestone
v4.3.0
2 participants
@jacobbednarz @ggramal