Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support for azurerm_app_service_certificate for App Service Environments #5115

Closed
milagrofrost opened this issue Dec 9, 2019 · 5 comments
Closed

Support for azurerm_app_service_certificate for App Service Environments #5115

milagrofrost opened this issue Dec 9, 2019 · 5 comments
Labels
enhancement service/app-service

Comments

@milagrofrost
Copy link

I cannot get my app services that reside in an ASE to recognize that I uploaded a cert for them to use when using terraform. If I upload the cert in the WebGUI, the cert shows up as a valid cert for Custom Domain SSL binding.

Comparing the JSON between the WebGUI upload and the terraform apply, I see this JSON block is missing when you run terraform:

		"hostingEnvironmentProfile": {
			"id": "/subscriptions/0xxxxxxxxxxxx/resourceGroups/rsg_name/providers/Microsoft.Web/hostingEnvironments/ase_name",
			"name": "ase_name",
			"type": "Microsoft.Web/hostingEnvironments"
		},

this hostingEnvironmentProfile parameter is not an available option in azure terraform provider. Without this parameter when you're using ASE, the cert is uploaded, but not useable by any ASE app services.

Current code in terraform:

resource "azurerm_app_service_certificate" "cert_upload" {
  name                = "appsrv-cert"
  resource_group_name = "rsg_name"
  location            = "eastus"
  pfx_blob            = "${base64encode(file("cert_file.pfx"))}"
  password            = "12345"
}
@wmdave
Copy link
Contributor

wmdave commented Jan 30, 2020

I ran in to the same problem and believe it can be resolved with just a slight change. I forked and modified the certificates resource definition and tested and this seems to work. Happy to PR if desired.

https://github.com/wmdave/terraform-provider-azurerm/blob/master/azurerm/internal/services/web/resource_arm_app_service_certificate.go

Tested with TF file like

resource "azurerm_app_service_certificate" "tf-fds-demo-01-torbit-cert" {
  name                           = "a-certificate-name"
  resource_group_name            = "a-resource-group-name"
  location                       = "southcentralus"
  pfx_blob                       = filebase64("a-pfx-file.pfx")
  password                       = "not-the-password"
  hosting_environment_profile_id = "/subscriptions/<subscription-id>/resourceGroups/<resource-group>/providers/Microsoft.Web/hostingEnvironments/<ase-name>"

@katbyte
Copy link
Collaborator

katbyte commented May 24, 2020

@wmdave - happy to accept a pr 🙂

@wmdave
Copy link
Contributor

wmdave commented May 26, 2020

PR Created. #7087

@tombuildsstuff
Copy link
Member

Fixed via #7087

@tombuildsstuff tombuildsstuff mentioned this issue Aug 28, 2020
Closed
@ghost
Copy link

ghost commented Sep 27, 2020

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. If you feel I made an error 🤖 🙉 , please reach out to my human friends 👉 hashibot-feedback@hashicorp.com. Thanks!

@hashicorp hashicorp locked and limited conversation to collaborators Sep 27, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
enhancement service/app-service
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@tombuildsstuff @katbyte @milagrofrost @wmdave