TLS: "Certificate provided as Authority does not appear to be a valid Certificate Authority"

amcsi · January 26, 2024, 1:36pm

I’m using hashicorp/tls, and am generating a client certificate that’s signed by a self-signed root certificate, and I’m getting this warning:

Warning: Potentially Invalid Certificate Authority
Certificate provided as Authority does not appear to be a valid Certificate Authority. The resulting certificate might fail certificate validation.

Does this just mean that the client certificate is not trusted (because it’s obviously signed by a self-signed certificate), or is it completely invalid i.e. it wouldn’t work even if I force trusted it?

rtwolfe · January 26, 2024, 2:46pm

The warning you’re encountering, “Certificate provided as Authority does not appear to be a valid Certificate Authority,” is quite common when dealing with self-signed certificates in infrastructure provisioning, especially with HashiCorp’s Terraform and TLS provider.

To clarify, this warning does not necessarily mean that your client certificate is invalid in the technical sense.

Topic		Replies	Views
Releases.hashicorp.com Certificate expired! Terraform	2	693	June 8, 2022
Azure DevOps TerraformInstaller task self signed certficiate in chain error Terraform azure	1	437	November 7, 2023
How to avoide SSL verification Terraform	6	7455	December 1, 2023
Trouble adding signed certificates to CA Terraform Providers vault	0	1854	September 29, 2021
Tls: failed to verify certificate: x509: certificate signed by unknown authority Azure	0	641	November 6, 2023

TLS: "Certificate provided as Authority does not appear to be a valid Certificate Authority"

Related topics