monitor-cloudeng rakokkul$ terraform init
Initializing the backend…
Initializing provider plugins…
- Finding latest version of hashicorp/google…
Error: Failed to query available provider packages
Could not retrieve the list of available versions for provider
hashicorp/google: could not connect to registry.terraform.io: Failed to
request discovery document: Get
https://registry.terraform.io/.well-known/terraform.json: x509: certificate
signed by unknown authority
:monitor-cloudeng rakokkul$ terraform -v
Terraform v0.13.0
please help on resolve this issue .
Hi @rkokkula59,
This message suggests that the certificate verification failed for the secure connection to registry.terraform.io. In particular, it’s saying that the certificate is signed by a certification authority that is not trusted by your system’s certificate store.
In the current implementation of registry.terraform.io the certificate is one issued to the CDN it’s currently using (Fastly) by GlobalSign CloudSSL, so I’m surprised that your system would not trust it. Is there anything unusual about how you have TLS certificates configured on your computer?
Another possibility is that your request is being intercepted by a proxy server that presents its own TLS certificate, signed by itself rather than by a trusted certification authority. In that case, Terraform would reject it because this would be the circumstances of a “man-in-the-middle” attack that could allow an attacker to send you a malicious provider instead of the one you intended to install. However, if you are accessing the registry via a local proxy server and you trust that proxy server then I think you could add that server’s CA certificate to your trusted store so that Terraform will consider it to be a valid certificate.