Custom domain certificate creation with terraform fails with "InvalidCertificate: The certificate env-cert is invalid or password is incorrect."
I am trying to create a custom domain for a Container App using Terraform.
The issue I have is with the certificate.
I generated a set of fullchain.pem and privkey.pem using Certbot and Letsencrypt using certbot plugin for azure cloud for dns challenge.
Once generated created a cert.pfx using the following command:
openssl pkcs12 -inkey privkey.pem -in fullchain.pem -export -out cert.pfx
and also with the command that includes the certificate:
openssl pkcs12 -inkey privkey.pem -in fullchain.pem -certfile cert.pem -export -out cert.pfx
When applying the terraform plan, the resource "azurerm_container_app_environment_certificate" fails with the following error:
InvalidCertificate: The certificate env-cert is invalid or password is incorrect.
I verified that the password is correct by generating a certificate without password.
This is the resource declared in terraform:
resource "azurerm_container_app_environment_certificate" "env_cert" {
certificate_blob_base64 = filebase64("certificates/cert.pfx")
certificate_password = var.cert_pass
container_app_environment_id = azurerm_container_app_environment.app_env.id
name = "env-cert"
}
I don't understand why the certificate format is invalid.