Use Case
When you configure a custom SSL/TLS certificate for a Terraform Enterprise installation, you must provide the full certificate chain in a single .pem file. The certificates within this file must be in a specific order for the application to function correctly.
Procedure
To create a valid certificate file, you must concatenate the intermediate and root certificates into a single .pem file in the following order.
- The Intermediate Certificate (e.g.,
intermediate.crt) - The Root Certificate (e.g.,
TrustedRoot.crt)
This order is a requirement of the .pem format used by Terraform Enterprise.
Note: SSL servers provide the end-entity certificate (also known as the serving certificate) to clients during the TLS handshake. Therefore, you only need to include the Intermediate and Root CA certificates in the file you upload to Terraform Enterprise for SSL validation.
Additional Information
- For more details on the
.pemformat, refer to the DigiCert: PEM Format SSL Certificate Creation guide. - For official guidance, please consult the Terraform Enterprise documentation regarding SSL/TLS certificate configuration.