Terraform: okta_idp_saml_key format

Hi there, I’m trying to terraform script a SAML IdP and running into some issues (besides the fact that the documentation is lacking).

I cannot figure out, for the life of me, the proper format for the x5c attribute in the okta_idp_saml_key script. Terraform Documentation

It’s supposed to be base64 format and if I upload the cert to okta, it works fine…

An example cert is like:

-----BEGIN CERTIFICATE-----
….bunch of text…
….bunch of text…
….bunch of text…
-----END CERTIFICATE-----

I tried converting it all to base64, tried making it one line with linebreaks, tried doing that and converting to base64…however, I keep getting an error:

on modules\idp_saml_key\main.tf line 15, in resource "okta_idp_saml_key" "idp_saml_key":
15: x5c = var.cert

Inappropriate value for attribute "x5c": set of string required.

Has anyone done this before? Any help??

Never mind, I’m super dense… I read the error message a bit better: Inappropriate value for attribute "x5c": set of string required.

It’s because I had the input as a string instead of set(string).
I had to take each line of the cert and place it as an array of strings:
["-----BEGIN CERTIFICATE-----", "text", "text", "-----END CERTIFICATE-----"]

Sorry about the confusion!

Nope, this didn’t work…I thought it did, but after trying to apply, it failed, mostly because it put all the array members out of order…

Still need help :confused:

@jwilczak For the SAML IdP issue, could you please open a support ticket through an email to support@okta.com? One of our TSEs will help you take a look. Thanks

It feels like it should be an easy answer and the forum could benefit from the answer…

What is the proper format for scripting a cert in Terraform?

resource "okta_idp_saml_key" "example" {
  x5c = ["${okta_app_saml.example.certificate}"] #What is an example of this value?
}
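
An added example, not part of any post in this thread and not Okta's or the provider's own code: it assumes x5c follows the JWK convention (RFC 7517), where each element is one whole certificate as a single base64 DER string, i.e. the PEM body with the BEGIN/END lines and line breaks removed. The variable name cert comes from the error output above; the function names and the sample bytes are constructed for illustration.

```python
import base64
import json
import re
import textwrap

PEM_BLOCK = re.compile(
    r"-----BEGIN CERTIFICATE-----(.*?)-----END CERTIFICATE-----", re.DOTALL
)


def pem_to_x5c(pem_text):
    """Return one base64 DER string per certificate found in pem_text."""
    entries = []
    for body in PEM_BLOCK.findall(pem_text):
        b64 = "".join(body.split())  # drop line breaks and indentation
        try:
            der = base64.b64decode(b64, validate=True)
        except ValueError as exc:
            raise ValueError("PEM body is not valid base64") from exc
        # An X.509 certificate is a DER SEQUENCE, so the first byte is 0x30.
        if not der.startswith(b"\x30"):
            raise ValueError("decoded data is not a DER SEQUENCE")
        entries.append(b64)
    if not entries:
        raise ValueError("no CERTIFICATE block found")
    return entries


def to_tfvars_json(pem_text, var_name="cert"):
    """Render a terraform.tfvars.json body for a set(string) variable."""
    return json.dumps({var_name: pem_to_x5c(pem_text)}, indent=2)


def constructed_pem():
    """Constructed DER-shaped filler wrapped as PEM; not a real certificate."""
    der = b"\x30\x82\x01\x00" + bytes(range(256))
    body = "\n".join(textwrap.wrap(base64.b64encode(der).decode(), 64))
    return f"-----BEGIN CERTIFICATE-----\n{body}\n-----END CERTIFICATE-----\n"


if __name__ == "__main__":
    print(to_tfvars_json(constructed_pem()))
```

Keeping each certificate as one set element also avoids the ordering problem described above, because a set of per-line strings has no defined order.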
