Description
Terraform Core Version
1.10.4
citrixadc Provider Version
1.41.0
Operating system
Linux
Affected Resource(s)
- citrixadc_sslvserver_sslcertkey_binding
The "ca" argument is not passed in the API call to the VPX if it has the default false value. This causes the call to fail verification on the VPX if a value for ocspcheck is included in the configuration. Even if ocspcheck is not explicitly defined in the terraform configuration, a value will be included in the configuration after a refresh if snicert is also enabled and a CA certificate is bound to the sslvserver, as the VPX returns a ocspcheck=Optional value if these two conditions are present. So even without the explicit ocspcheck in the configuration the API call will fail when an earlier created resource is updated or destroyed.
Equivalent NetScaler CLI Command
bind ssl vserver VSERVER_NAME -certkeyName CERT_NAME -SNICert -ocspCheck Optional
Expected Behavior
Terraform succeed in creating or destroying the binding
Actual Behavior
Terraform fails in creating or destroying the binding
Relevant Error/Panic Output Snippet
Apply/destroy fails with "Argument pre-requisite missing [ocspCheck, CA]" errorTerraform Configuration Files
resource "citrixadc_sslvserver_sslcertkey_binding" "crt" {
vservername = "My-SSL-vserver-name"
certkeyname = "My-certificate-name"
ca = false
snicert = true
ocspcheck = "Optional"
}
Steps to Reproduce
Applying the above resource fails with the error message:
│ Error: [INFO] delete failed: 400 Bad Request ({ "errorcode": 1093, "message": "Argument pre-requisite missing [ocspCheck, CA]", "severity": "ERROR" })
Debug Output
No response
Panic Output
No response
Important Factoids
No response
References
No response