ssl-algorithm is "custom", but ssl-cipher-suites is empty.
abringard opened this issue · 1 comments
abringard commented
Hello there,
I'm using fortios provider for a while but today I'm facing an issue when I tried to restrict SSL Cipher Suites to use.
According to the documentation, I set ssl_algorithm
value to custom and ssl_cipher_suites
like this:
resource "fortios_firewall_vip" "main-fw1" {
[...]
ssl_algorithm = "custom"
ssl_cipher_suites {
priority = 1
cipher = "TLS-AES-128-GCM-SHA256"
versions = "tls-1.2 tls-1.3"
}
}
Note: I did the same using the CLI of my Fortigate successfuly.
But the command fails with the following error message:
│Error: Error creating FirewallVip resource: Internal Server Error - Internal error when processing the request (500)
│ Cli response:
│ ssl-algorithm is "custom", but ssl-cipher-suites is empty.
│ object set operator error, -651 discard the setting
│ Command fail. Return code -651
│
│ with fortios_firewall_vip.main-fw1["aym_pip_1-vs"],
│ on virtual_servers.tf line 3, in resource "fortios_firewall_vip" "main-fw1":
│ 3: resource "fortios_firewall_vip" "main-fw1" {
If I keep or remove ssl_cipher_suites
variable, the error stays the same.
Did I miss something the ssl_cipher_suites
declaration?
Thanks in advance,
Cheers,
Aymeric B.
MaxxLiu22 commented
Hi @abringard ,
Thank you for raising this issue. May I know your environment information such as FOS version, Terraform version, config file? you are free to hide any private data.
Thanks,
Maxx