When using localterraform.com users receives certificate or 401 error.

Problem

When using the domain name localterraform.com, you receive a 401 error. 

localterraform.com: error looking up module versions: 401 Unauthorized.

Prerequisites (if applicable)

• Force TLS is enabled

Cause

• A user receives an error stating IP is not listed as a SAN address. 
• When using the domain localterraform.com as a module source, users receive an unauthorized  401 error because localterraform.com is not included as a subject alternative name (SAN) on the certificate. 
  • TLS Authentication: The client verifies the server's SSL certificate with the certificate authority that issued it. This confirms that the server is who it says it is and that the client is interacting with the actual owner of the domain. (source: https://www.cloudflare.com/learning/ssl/what-happens-in-a-tls-handshake/)

Solutions:

• Use the hostname of TFE for testing

• Turn off "Force TLS" setting in Terraform enterprise

  • 
• Using CLI 

  • replicatedctl app-config set force_tls --value “0”

  • replicatedctl app apply-config
    • This will restart Terraform Enterprise.

Additional Information

• https://www.cloudflare.com/learning/ssl/what-happens-in-a-tls-handshake/

• https://developer.hashicorp.com/terraform/cloud-docs/registry/using#generic-hostname-terraform-cloud-and-terraform-enterprise