fix input hash (#405)

* fix input hash

* fix bug

* remove Sensitive

* add the new property to the documentation

examples/example.tf

@@ -57,6 +57,7 @@ resource "incapsula_custom_certificate" "custom-certificate" {
   site_id     = incapsula_site.example-site.id
   certificate = file("path/to/your/cert.crt")
   private_key = file("path/to/your/private_key.key")
+  auth_type   = "RSA/ECC"
   passphrase  = "yourpassphrase"
 }
 

examples/site.tf

@@ -17,5 +17,6 @@ resource "incapsula_custom_certificate" "custom-certificate" {
   site_id     = incapsula_site.example-site.id
   certificate = file("path/to/your/cert.crt")
   private_key = file("path/to/your/private_key.key")
+  auth_type   = "RSA/ECC"
   passphrase  = "yourpassphrase"
 }

incapsula/client_certificate.go

@@ -191,7 +191,7 @@ func (c *Client) DeleteCertificate(siteID, authType string) error {
 	// Post form to Incapsula
 	values := url.Values{"site_id": {siteID}}
 
-	if passphrase != "" {
+	if authType != "" {
 		values.Set("auth_type", authType)
 	}
 

incapsula/resource_certificate.go

@@ -51,7 +51,7 @@ func resourceCertificate() *schema.Resource {
 				Description: "The authentication type of the certificate (RSA or ECC). Optional. If not provided, then RSA will be assume.",
 				Type:        schema.TypeString,
 				Optional:    true,
-				Sensitive:   true,
+				Default:     "RSA",
 			},
 			"input_hash": {
 				Description: "inputHash",
@@ -172,15 +172,14 @@ func resourceCertificateDelete(d *schema.ResourceData, m interface{}) error {
 func createHash(d *schema.ResourceData) string {
 	certificate := d.Get("certificate").(string)
 	passphrase := d.Get("passphrase").(string)
-	authType := d.Get("auth_type").(string)
 	privateKey := d.Get("private_key").(string)
-	result := calculateHash(certificate, passphrase, privateKey, authType)
+	result := calculateHash(certificate, passphrase, privateKey)
 	return result
 }
 
-func calculateHash(certificate, passphrase, privateKey, authType string) string {
+func calculateHash(certificate, passphrase, privateKey string) string {
 	h := sha1.New()
-	stringForHash := certificate + privateKey + passphrase + authType
+	stringForHash := certificate + privateKey + passphrase
 	h.Write([]byte(stringForHash))
 	byteString := h.Sum(nil)
 	result := hex.EncodeToString(byteString)

website/docs/r/custom_certificate.html.markdown

@@ -18,6 +18,7 @@ resource "incapsula_custom_certificate" "custom-certificate" {
     site_id = incapsula_site.example-site.id
     certificate = filebase64("${"path/to/your/cert.crt"}")
     private_key = filebase64("${"path/to/your/private_key.key"}")
+    auth_type   = "RSA/ECC"
     passphrase = "yourpassphrase"
 }
 ```
@@ -30,6 +31,7 @@ The following arguments are supported:
 * `certificate` - (Required) The certificate file in base64 format. You can use the Terraform HCL `file` directive to pull in the contents from a file. You can also inline the certificate in the configuration.
 * `private_key` - (Optional) The private key of the certificate in base64 format. Optional in case of PFX certificate file format.
 * `passphrase` - (Optional) The passphrase used to protect your SSL certificate.
+* `auth_type` - (Optional) The authentication type of the certificate (RSA/ECC). If not provided then RSA will be taken as a default.
 * `input_hash` - (Optional) Currently ignored. If terraform plan flags this field as changed, it means that any of: `certificate`, `private_key`, or `passphrase` has changed.
 
 ## Attributes Reference