digitalocean_certificate

Provides a DigitalOcean Certificate resource that allows you to manage certificates for configuring TLS termination in Load Balancers. Certificates created with this resource can be referenced in your Load Balancer configuration via their ID. The certificate can either be a custom one provided by you or automatically generated one with Let's Encrypt.

Example Usage

Custom Certificate

resource "digitalocean_certificate" "cert" {
  name              = "custom-terraform-example"
  type              = "custom"
  private_key       = file("/Users/terraform/certs/privkey.pem")
  leaf_certificate  = file("/Users/terraform/certs/cert.pem")
  certificate_chain = file("/Users/terraform/certs/fullchain.pem")
}

Let's Encrypt Certificate

resource "digitalocean_certificate" "cert" {
  name    = "le-terraform-example"
  type    = "lets_encrypt"
  domains = ["example.com"]
}

Use with Other Resources

Both custom and Let's Encrypt certificates can be used with other resources including the digitalocean_loadbalancer and digitalocean_cdn resources.

resource "digitalocean_certificate" "cert" {
  name    = "le-terraform-example"
  type    = "lets_encrypt"
  domains = ["example.com"]
}

# Create a new Load Balancer with TLS termination
resource "digitalocean_loadbalancer" "public" {
  name        = "secure-loadbalancer-1"
  region      = "nyc3"
  droplet_tag = "backend"

  forwarding_rule {
    entry_port     = 443
    entry_protocol = "https"

    target_port     = 80
    target_protocol = "http"

    certificate_name = digitalocean_certificate.cert.name
  }
}

Argument Reference

The following arguments are supported:

Attributes Reference

The following attributes are exported:

Import

Certificates can be imported using the certificate name, e.g.

terraform import digitalocean_certificate.mycertificate cert-01