Problem
When accessing the Terraform Enterprise console using the IP address instead of the web address, a warning that the certificate is untrusted may be seen. However, you will not face this issue if you use the DNS name to access the console.
Cause
- The certificate that is referenced seems to have an issue with the Subject Alternative Names (SAN) field. Specifically, it appears that the IP address has been either incorrectly entered or is missing altogether from the SAN. As a result, the certificate is not able to properly validate the IP address. The SAN entry provided - "DNS: XXX.XXX.XXX.XXX" - may be related to this issue.
Solutions:
-
Update the Subject Alternative Names on the certificate.
- The DNS names are Identified by DNS: domain/host name
- The IP Addresses are identified by
- IP: XXX.XXX.XXX.XXX
- IP: XXXX:XXXX:XXX:X:XXX:XXXX:AABB:XXXX
- Do not use the IP address to access the console.
Outcome
The certificate should be trusted.