Fetching archives over HTTPS fails

Where do I need to place my public and private certs (in PEM format) in order for Terraform to download files from a remote repository? My module is trying to connect to Artifactory to download a ZIP file. Artifactory requires the client to submit its certificate.
I am running the terraform docker container v0.12.5 (hashicorp/terraform:0.12.5) and mounting the following directories: “/etc/ssl:/etc/ssl” and “/etc/pki:/etc/pki”.
The terraform docker container v0.12.5 runs on top of Alpine v3.10.1.
I am using Docker v19.03.4 running on CentOS v7.7.1908.

My module TF file is:

module "pick_image" {
  source = "https://server-name/artifactory/libs-release-local/terraform/modules/aws-pick-ami/0.0.1/aws-pick-ami-0.0.1-builderFiles.zip"

  ami_string = ""
  owner = ""
}

When I perform a “terraform init”, I get
"Error: Failed to download module
Could not download module “pick_image” (gen_aws_pick_ami.tf:5) source code from “https://server-name/artifactory/libs-release-local/terraform/modules/aws-pick-ami/0.0.1/aws-pick-ami-0.0.1-builderFiles.zip”: bad response code: 400

If I execute curl passing the client certs, it works:
curl --cert <public.pem> --key <private.pem> "https://server-name/artifactory/libs-release-local/terraform/modules/aws-pick-ami/0.0.1/aws-pick-ami-0.0.1-builderFiles.zip"
But, if I execute curl without the certs, I get the “400 Bad Request” “No required SSL certificate was sent” “openresty/1.15.8.1rc1”

I placed the certificates in /etc/ssl/private but it still did not work.

Hi @arsandin,

At this time Terraform does not support client certificates when making requests to download modules. It does only local authentication of the server against your local certificate store.

For authentication of the client, Terraform supports only “application-level” authentication for source types where there’s a suitable common convention for declaring them.

In the case of direct HTTP requests for archives, the authentication mechanism Terraform supports for this is HTTP Basic authentication using a .netrc file, as described under HTTP URLs.
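
A sketch of the .netrc route described in the reply above, added here as an example and not part of the original thread or of Terraform: a POSIX sh helper that writes a Basic-auth entry for one host with owner-only permissions, replacing any earlier entry for that host. The helper name, the NETRC_PASSWORD variable and the credentials are assumptions, and it only helps if the server accepts Basic authentication without a client certificate, which the 400 response in the question suggests this one currently does not.

```shell
#!/bin/sh
# Added example; write_netrc_entry is a hypothetical helper, not part of Terraform.
# Usage: NETRC_PASSWORD=... write_netrc_entry <netrc-path> <machine> <login>
# The password comes from the environment so it stays out of argv and history.
write_netrc_entry() {
    [ "$#" -eq 3 ] || { echo "usage: write_netrc_entry PATH MACHINE LOGIN" >&2; return 2; }
    netrc_path=$1 machine=$2 login=$3
    if [ -z "$machine" ] || [ -z "$login" ] || [ -z "${NETRC_PASSWORD:-}" ]; then
        echo "machine, login and NETRC_PASSWORD must be non-empty" >&2
        return 1
    fi
    # netrc fields are whitespace-delimited tokens; refuse values that would
    # split into extra tokens and silently change the stored credential.
    fields="$machine$login$NETRC_PASSWORD"
    if [ "$(printf '%s' "$fields" | tr -d '[:space:]')" != "$fields" ]; then
        echo "whitespace is not allowed in netrc fields" >&2
        return 1
    fi
    # mktemp creates the file with mode 0600, so the secret is never
    # world-readable, and mv replaces the target in one step.
    tmp=$(mktemp "${netrc_path}.XXXXXX") || return 1
    if [ -f "$netrc_path" ]; then
        # Assumes one entry per line: keep other hosts, drop the old entry.
        awk -v m="$machine" '!($1 == "machine" && $2 == m)' "$netrc_path" > "$tmp"
    fi
    printf 'machine %s login %s password %s\n' \
        "$machine" "$login" "$NETRC_PASSWORD" >> "$tmp"
    chmod 600 "$tmp" && mv "$tmp" "$netrc_path"
}
```

Assuming the container runs as root with its home at /root, the resulting file can be mounted read-only with `-v "$PWD/netrc:/root/.netrc:ro"` on the `docker run` line instead of baking the credential into an image.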