Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Gitlab fingerprint on TLSv4.0.2 different with TLSv3.4.0 #288

Open
1 task done
OlesYudin opened this issue Oct 24, 2022 · 1 comment
Open
1 task done

Gitlab fingerprint on TLSv4.0.2 different with TLSv3.4.0 #288

OlesYudin opened this issue Oct 24, 2022 · 1 comment
Labels
bug

Comments

@OlesYudin
Copy link

OlesYudin commented Oct 24, 2022
edited
Loading

Terraform CLI and Provider Versions

Previously I use TLS 3.4.0 version of Terraform provider, but now switch to 4.0.2 version and I confused because I get different value but expect the same result.
I need to get fingerprint of Gitlab. If I execute some CLI command I will get this "golden" result:

openssl s_client -servername gitlab.com -showcerts -connect gitlab.com:443
openssl x509 -in certificate.crt -fingerprint -noout

OUTPUT: SHA1 Fingerprint=B3:DD:76:06:D2:B5:A8:B4:A1:37:71:DB:EC:C9:EE:1C:EC:AF:A3:8A # b3dd..a38a it is right result

When I use tls v.3.4.0

terraform {
  required_version = ">= 1.2.7"
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 4.4.0"
    }
    tls = {
      source  = "hashicorp/tls"
      version = "= 3.4.0"
    }
  }
}
data "tls_certificate" "gitlab" {
  url = "https://gitlab.com"
}
output "tls" {
  value = data.tls_certificate.gitlab.certificates[*].sha1_fingerprint
}
OUTPUT: b3dd7606d2b5a8b4a13771dbecc9ee1cecafa38a - it is right result

When I use tls v.4.0.2

terraform {
  required_version = ">= 1.2.7"
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 4.4.0"
    }
    tls = {
      source  = "hashicorp/tls"
      version = "= 4.0.2"
    }
  }
}
data "tls_certificate" "gitlab" {
  url = "https://gitlab.com"
}
output "tls" {
  value = data.tls_certificate.gitlab.certificates[*].sha1_fingerprint
}
OUTPUT:2284b06c017cfa97e2846c6e0821233f0d6a9aeb - not right result

Terraform Configuration

terraform {
  required_version = ">= 1.2.7"
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 4.4.0"
    }
    tls = {
      source  = "hashicorp/tls"
      version = "= 3.4.0"
      #version = "= 4.0.2" # Bug here
    }
  }
}
data "tls_certificate" "gitlab" {
  url = "https://gitlab.com"
}
output "tls" {
  value = data.tls_certificate.gitlab.certificates[*].sha1_fingerprint
}

Expected Behavior

I want to get this output: b3dd7606d2b5a8b4a13771dbecc9ee1cecafa38a for gitlab.com

Actual Behavior

I get this output: b3dd7606d2b5a8b4a13771dbecc9ee1cecafa38a for gitlab.com

Steps to Reproduce

  1. terraform init
  2. terraform plan # will output list of 2 values. First one I need. But get different values depends on version

How much impact is this issue causing?

Medium

Logs

No response

Additional Information

No response

Code of Conduct

  • I agree to follow this project's Code of Conduct
@OlesYudin OlesYudin added the bug label Oct 24, 2022
@abacchi
Copy link

abacchi commented Jan 20, 2023

I was running into a similar issue- but found this closed item/comment which helped: #249 (comment)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@OlesYudin @abacchi