Overview

This documentation covers the new Sectigo Terraform provider. For information on using, or migrating from, the legacy provider, see Sectigo Terraform Provider (Legacy).

The Sectigo Terraform integration provides a seamless solution for the enrollment, collection, renewal, replacement, and revocation of SSL/TLS and client (S/MIME) certificates issued by the Sectigo Certificate Manager (SCM). This integration is distributed as a Terraform provider. It provides the following features:

  • Enroll, renew, replace, and revoke SSL/TLS certificates.

  • Enroll, renew, and revoke S/MIME certificates.

  • Automatically renew certificates before expiry.

  • OCSP and CRL validation before revocation.

  • RSA 2048, 3072, and 4096-bit private key generation.

  • ECDSA P-224, P-256, P-384, and P-521 curve length private key generation.

  • Certificate Signing Request (CSR) generation.

Package contents

The release package includes the following:

  • terraform-provider-sectigo — the Terraform provider binary, compiled for your platform (FreeBSD, Windows, Linux, macOS) and architecture (amd64, 386, arm, arm64).

  • sectigo-migrate — a standalone CLI tool for migrating Terraform state and configuration from the legacy provider (v2.0.1) to this provider.

  • examples/ — sample Terraform configurations for SSL and client certificate enrollment.

Additional resources