fortinetdev/terraform-provider-fortios

ssl-algorithm is "custom", but ssl-cipher-suites is empty.

abringard opened this issue · 1 comments

Hello there,

I'm using fortios provider for a while but today I'm facing an issue when I tried to restrict SSL Cipher Suites to use.

According to the documentation, I set ssl_algorithm value to custom and ssl_cipher_suites like this:

resource "fortios_firewall_vip" "main-fw1" {
  [...]
  ssl_algorithm = "custom"
  ssl_cipher_suites {
    priority = 1
    cipher    = "TLS-AES-128-GCM-SHA256"
    versions  = "tls-1.2 tls-1.3"
  }
}

Note: I did the same using the CLI of my Fortigate successfuly.

But the command fails with the following error message:

│Error: Error creating FirewallVip resource: Internal Server Error - Internal error when processing the request (500)
│ Cli response:
│ ssl-algorithm is "custom", but ssl-cipher-suites is empty.
│ object set operator error, -651 discard the setting
│ Command fail. Return code -651
│
│   with fortios_firewall_vip.main-fw1["aym_pip_1-vs"],
│   on virtual_servers.tf line 3, in resource "fortios_firewall_vip" "main-fw1":
│    3: resource "fortios_firewall_vip" "main-fw1" {

If I keep or remove ssl_cipher_suites variable, the error stays the same.

Did I miss something the ssl_cipher_suites declaration?
Thanks in advance,
Cheers,
Aymeric B.

Hi @abringard ,

Thank you for raising this issue. May I know your environment information such as FOS version, Terraform version, config file? you are free to hide any private data.

Thanks,
Maxx