Overview
The Sectigo Terraform integration provides a seamless solution for the enrollment, collection, renewal, replacement, and revocation of SSL/TLS and client (S/MIME) certificates issued by the Sectigo Certificate Manager (SCM). This integration is distributed as a Terraform provider. It provides the following features:
- RSA 2048, 3072, and 4096-bit private key generation
- ECDSA P-256, P-384, and P-521 curve private key generation
- Certificate Signing Request (CSR) generation
- Enrollment, collection, revocation, renewal, and replacement of certificates issued by SCM
The Sectigo Terraform integration supports both the generation of new SSL/TLS and client certificates and the detection of existing certificates stored in a location accessible to the provider at runtime. The integration also checks the validity of existing certificates and allows the issuance of replacement certificates as required. There are various types of SSL certificates that can be requested by supplying the appropriate configuration options.
The types of SSL/TLS and client certificates available are based on your account setup.
The Sectigo Go Cert APIs are called by the Sectigo Terraform provider which makes all the necessary REST API calls to SCM.
The following is a detailed diagram of the Terraform integration.
Understanding the integration
The Sectigo Terraform integration is based on the Terraform provider binary file terraform-provider-sectigo that mediates the interaction between Terraform and the Sectigo REST API.
Package contents
The Sectigo Terraform integration package contains the following:
- terraform-provider-sectigo:
  - terraform-provider-sectigo_v2.x.x: The Sectigo Terraform plugin that handles the terraform init, terraform plan, terraform apply, and terraform destroy commands.
  - main.tf: The primary Terraform configuration file. This file allows users to choose which types of certificates are required. The file maps the variables from terraform.auto.tfvars to the terraform-provider-sectigo provider attributes.
  - variable.tf: A configuration file that defines the variables assigned in terraform.auto.tfvars, including their data types. Terraform uses this file to map variables defined in main.tf to terraform.auto.tfvars.
  - terraform.auto.tfvars: Contains the set of variables and their configured values.
  - output.tf: Contains the declarations for outputs.
- Sample:
  - cronjob: A directory that includes several files that showcase how a cronjob may be used with the Sectigo Terraform plugin.
  - index.html: A sample home page
  - server.conf: A sample NGINX config file