I had to make sure my basicConstraints setting in my SSL.cnf file was set to basicConstraints = CA:TRUE. Openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout self.key -out self.crt -config /etc/ssl/openssl.cnf To generate my self signed cert, I executed: I had to mess around quite a bit with the self signed certificate creation on my apache server in order for it to work. Then dump the resultant files to the local apache/nginx webserver in your offline environment. To start, use an internet connected machine and run the terraform providers mirror command as described here ( ). There is no command line option that I could find that allows you to turn off TLS enforcement. This method is a bit tricky if you are using a self-signed certificate because Terraform enforces strict TLS checking. Keep in mind, your file path will be different depending on which provider you use, so please adjust accordingly!įurther information available here: Network mirror Unzip terraform-provider-vsphere_2.0.2_linux_amd64.zip -d ~/.terraform.d/plugins//hashicorp/vsphere/2.0.2/linux_amd64 Unzip the executable to the following directory on your Terraform machine: ~/.terraform.d/plugins//hashicorp/vsphere/2.0.2/linux_amd64įor example: mkdir -p ~/.terraform.d/plugins//hashicorp/vsphere/2.0.2/linux_amd64 In this example I wanted the vsphere provider (terraform-provider-vsphere_2.0.2_linux_amd64.zip) so I grabbed it from Start by download the latest version of the desired plugin from. This was tested on Terraform v1.0.4 on CentOS 7.9 servers. I recently had to run a Terraform build in an air gapped network (no internet access) and these are the steps I took to locally host the Terraform provider I needed (vsphere).
0 Comments
Leave a Reply. |