Description
I got the errors below. Please help.
```
Error: Invalid function argument

  on .terraform/modules/vpn/main.tf line 8, in resource "aws_acm_certificate" "client":
   8:   private_key = file("${path.root}/${var.cert_dir}/${module.this.stage}.${var.cert_domain}.key")
    |----------------
    | module.this.stage is ""
    | path.root is "."
    | var.cert_dir is "certs"
    | var.cert_domain is "clientvpn.com"

Invalid value for "path" parameter: no file exists at
certs/.clientvpn.com.key; this function works only with files that are
distributed as part of the configuration source code, so if this file will be
created by a resource in this configuration you must instead obtain this
result from an attribute of that resource.

Error: Invalid function argument

  on .terraform/modules/vpn/main.tf line 9, in resource "aws_acm_certificate" "client":
   9:   certificate_body = file("${path.root}/${var.cert_dir}/${module.this.stage}.${var.cert_domain}.crt")
    |----------------
    | module.this.stage is ""
    | path.root is "."
    | var.cert_dir is "certs"
    | var.cert_domain is "clientvpn.com"
```
Here is my source code:
main.tf:
```hcl
resource "aws_security_group" "vpn" {
  name        = module.this.id
  description = "Security group to apply to VPN target network"

  ingress {
    description = "Allow all ingress"
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }

  egress {
    description = "Allow all egress"
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

// VPN
module "vpn" {
  source  = "git::https://github.com/DeployMode/terraform-aws-client-vpn.git?ref=tags/0.8.0"
  context = module.this.context

  vpn_client_cidr = var.vpn_client_cidr
  cert_dir        = var.cert_dir
  config_dir      = var.config_dir
  cert_domain     = var.cert_domain
  subnet_ids      = data.terraform_remote_state.vpc.outputs.private_subnets
  security_groups = [aws_security_group.vpn.id]

  logging_enabled               = var.logging_enabled
  cloudwatch_log_retention_days = var.cloudwatch_log_retention_days
}
```
terraform.tfvars
```hcl
name                          = "clientvpn"
cert_domain                   = "clientvpn.com"
cert_dir                      = "certs"
config_dir                    = "config"
vpn_client_cidr               = "60.10.0.0/16"
logging_enabled               = true
cloudwatch_log_retention_days = 7
```
I ran gen-certs.sh and placed the crt and key in the certs folder.
```
$ ls certs/
ca.crt server.crt server.key
```
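
The error output shows that the two failing `file()` calls build their path from `path.root`, `cert_dir`, `stage` and `cert_domain`. The following shell check is an added example, not part of the original issue or the module's code: it builds the same two paths and reports which are missing before `terraform plan` is run. The function names and the key-permission warning are assumptions of this example.

```shell
#!/bin/sh
# Added example. Path pattern taken from the error output:
#   ${path.root}/${var.cert_dir}/${module.this.stage}.${var.cert_domain}.{key,crt}
# Function names and the permission warning are assumptions of this example.

# cert_path ROOT CERT_DIR STAGE CERT_DOMAIN EXT -> path the module's file() call reads
cert_path() {
    printf '%s/%s/%s.%s.%s' "$1" "$2" "$3" "$4" "$5"
}

# key_is_private PATH -> 0 when neither group nor others can read the file
key_is_private() {
    [ -z "$(find "$1" \( -perm -040 -o -perm -004 \) -print 2>/dev/null)" ]
}

# check_cert_files ROOT CERT_DIR STAGE CERT_DOMAIN
# Returns 0 when both expected files exist and are non-empty, 1 otherwise.
check_cert_files() {
    status=0
    [ -n "$3" ] || echo "note: stage is empty, so expected names start with '.'" >&2
    for ext in key crt; do
        p=$(cert_path "$1" "$2" "$3" "$4" "$ext")
        if [ -s "$p" ]; then
            echo "ok       $p"
            if [ "$ext" = key ] && ! key_is_private "$p"; then
                echo "warning: $p is readable by group or others" >&2
            fi
        else
            echo "missing  $p"
            status=1
        fi
    done
    if [ "$status" -ne 0 ]; then
        echo "files actually present in $1/$2:" >&2
        ls -A "$1/$2" >&2 2>/dev/null || true
    fi
    return "$status"
}

# Usage with the values from the error output:
#   sh check-certs.sh . certs "" clientvpn.com
if [ "$#" -eq 4 ]; then
    check_cert_files "$@"
fi
```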