By using AWS re:Post, you agree to the Terms of Use
AWS re:Postre:Post

Error trying to issue certificate from PCA

0

Hello,

I'm getting the following error when trying to enroll from PCA:
Caused by: software.amazon.awssdk.services.acmpca.model.AcmPcaException: 1 validation error detected: Value null at 'certificateAuthorityArn' failed to satisfy constraint: Member must not be null (Service: AcmPca, Status Code: 400, Request ID:

I really don't get where it's soming from, since i'm passing the caArn to the SDK:
IssueCertificateRequest req = IssueCertificateRequest.builder().certificateAuthorityArn(caArn) .signingAlgorithm(signingAlg).csr(SdkBytes.fromUtf8String(csr.getCSRasPEM())) .idempotencyToken(getRandomString(10)).validity(validity).templateArn(templateArn).build();

And caArn is not null for sure (i've checked).

Any idea?

Topics
Security, Identity, & Compliance
Tags
AWS Certificate Manager
Language
English
loopkin
asked 3 years ago265 views
1 Answer
0

When i dump the request, indeed the CA ARN is present:

IssueCertificateRequest(CertificateAuthorityArn=arn:aws:acm-pca:eu-west-3:1234567890:certificate-authority/xxx-xxx-xxx-xxx, Csr=SdkBytes(bytes=0x2d2d2d2d2d424547494e2043455254494[...]d2d0a), SigningAlgorithm=SHA256WITHRSA, TemplateArn=arn:aws:acm-pca:::template/EndEntityCertificate/V1, Validity=Validity(Value=365, Type=DAYS), IdempotencyToken=lgdfywimji)

Could it be a case-sensitivity issue?

Edited by: loopkin on Apr 3, 2020 5:26 PM

It was that, indeed, closing the question, all ok.

loopkin
answered 3 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content