Certificate
Provides a DigitalOcean Certificate resource that allows you to manage certificates for configuring TLS termination in Load Balancers. Certificates created with this resource can be referenced in your Load Balancer configuration via their ID. The certificate can either be a custom one provided by you or automatically generated one with Let's Encrypt.
Example Usage
Custom Certificate
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.digitalocean.Certificate;
import com.pulumi.digitalocean.CertificateArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var cert = new Certificate("cert", CertificateArgs.builder()
.type("custom")
.privateKey(Files.readString(Paths.get("/Users/myuser/certs/privkey.pem")))
.leafCertificate(Files.readString(Paths.get("/Users/myuser/certs/cert.pem")))
.certificateChain(Files.readString(Paths.get("/Users/myuser/certs/fullchain.pem")))
.build());
}
}Content copied to clipboard
Let's Encrypt Certificate
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.digitalocean.Certificate;
import com.pulumi.digitalocean.CertificateArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var cert = new Certificate("cert", CertificateArgs.builder()
.domains("example.com")
.type("lets_encrypt")
.build());
}
}Content copied to clipboard
Use with Other Resources
Both custom and Let's Encrypt certificates can be used with other resources including the digitalocean.LoadBalancer and digitalocean.Cdn resources.
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.digitalocean.Certificate;
import com.pulumi.digitalocean.CertificateArgs;
import com.pulumi.digitalocean.LoadBalancer;
import com.pulumi.digitalocean.LoadBalancerArgs;
import com.pulumi.digitalocean.inputs.LoadBalancerForwardingRuleArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var cert = new Certificate("cert", CertificateArgs.builder()
.type("lets_encrypt")
.domains("example.com")
.build());
var public_ = new LoadBalancer("public", LoadBalancerArgs.builder()
.region("nyc3")
.dropletTag("backend")
.forwardingRules(LoadBalancerForwardingRuleArgs.builder()
.entryPort(443)
.entryProtocol("https")
.targetPort(80)
.targetProtocol("http")
.certificateName(cert.name())
.build())
.build());
}
}Content copied to clipboard
Import
Certificates can be imported using the certificate name, e.g.
$ pulumi import digitalocean:index/certificate:Certificate mycertificate cert-01Content copied to clipboard