Getting TLS error

[shapedthought]

Hi there,

First, I'd like to say this is a great provider.

However, I'm having some issues with getting data from an API which uses insecure TLS. I've set the tls_insecure_skip_verify in the provider, but when I try to get data via the data property it comes back with:

Get "https://XXXXXX/api/v1/jobs": x509: certificate signed by unknown authority

How can I fix this?

Thanks!

[magodo]

@shapedthought What if you didn't specify tls_insecure_skip_verify, what error did you get? From the error message, it looks like the error is from the server you are reaching to?

[shapedthought]

Full Error:

Planning failed. Terraform encountered an error while generating this plan.

│ Error: Error to call Read
│
│ with data.restful_resource.jobs,
│ on main.tf line 43, in data "restful_resource" "jobs":
│ 43: data "restful_resource" "jobs" {
│
│ Get "https://XXXXXXXXX/api/v1/jobs": x509: certificate signed by unknown authority

[shapedthought]

Full code

`provider "restful" {
base_url = var.base_url
tls_insecure_skip_verify = true
header = {
"x-api-version" = "1.1-rev1"
}
security = {
oauth2 = {
password = {
token_url = format("%s/api/oauth2/token", var.base_url)
username = var.username
password = var.password
}
}
}
alias = "oauth2_password"
}

data "restful_resource" "jobs" {
id = "/api/v1/jobs"
}`

[magodo]

If you didn't specify tls_insecure_skip_verify = true, do you get the same error?

[shapedthought]

Yes

[magodo]

@shapedthought The setting above specified the tls_insecure_skip_verify for the aliased provider named oauth2_password. In order to use it for the restful_resource.jobs, you need to explicitly specify the provider:

data "restful_resource" "jobs" {
  #...
  provider = restful.oauth2_password
}

[magodo]

@shapedthought With #82, instead of tls_insecure_skip_verify, you are also able to use the client.root_ca_certificates to specify the CA certificate PEM that used to sign your server's certificate, instead of using CA certs from the host store.