How To Replace the TLS Certificate and Private Key (Replicated)

Avatar
Matthew Sanabria
  • Updated

Introduction

This guide describes how to replace the TLS certificate and private key used by Terraform Enterprise to provide HTTPS connections.

Prerequisites

  • Access to the Terraform Enterprise instance and its Replicated management console on port 8800.
  • A new PEM-encoded TLS certificate and private key file.

Use Case

You may need to replace the TLS certificate and private key for the following reasons:

  • The current TLS certificate is expiring and needs to be updated.
  • The current TLS private key needs to be rotated to comply with security processes.
  • The TLS certificate and private key need to be changed to update details such as the Common Name.

Procedure

  1. Log into the Replicated console on port 8800 of your Terraform Enterprise installation.
  2. In the top navigation bar, select the Dashboard tab.
  3. Stop the Terraform Enterprise application by clicking the Stop Now button and wait for the application to stop completely.
  4. In the top right of the navigation bar, click the gear icon, then select Console Settings.
  5. Navigate to the TLS Key & Cert section. You will see one of the following options selected: Self-signed (generated), Server path, or Upload files.
  6. Update the certificate and key using the method that is currently selected.
    • If the Server path option is selected:
      1. Ensure the new TLS certificate and private key files exist on the Terraform Enterprise instance. This path must be different from the existing path. At a minimum, the new filenames must differ from the existing ones.
      2. Update the SSL Private Key Filename field to the absolute path of the new TLS private key file.
      3. Update the SSL Certificate Filename field to the absolute path of the new TLS certificate file.
    • If the Upload files option is selected:
      1. Under the SSL Private Key text, click the Choose file button and upload the new TLS private key file.
      2. Under the SSL Certificate text, click the Choose file button and upload the new TLS certificate file.
      3. You must upload both the certificate and private key files; you cannot change only one.
  7. Scroll to the bottom of the page and click the Save button. Click Ok if prompted.
  8. In the top navigation bar, return to the Dashboard tab.
  9. Start the Terraform Enterprise application by clicking the Start Now button and wait for the application to start completely.

Additional Information

For more details on managing Terraform Enterprise, refer to the official documentation on administering the installation.

Articles in this section

See more

Related articles