Kvindo™ Cloud Docs
A Certificate is a PEM-encoded TLS certificate (plus its private key) stored in the platform. It is referenced by load balancer HTTPS and TLS listeners to terminate encrypted traffic.
• Certificate PEM — the PEM-encoded certificate (include the full chain with any intermediates)
• Private key PEM — the matching PEM-encoded private key (marked sensitive in Terraform; note it is stored unencrypted at rest)
• Usage — reference it from a load balancer HTTPS/TLS listener's certificateId
The platform does not auto-renew uploaded certificates — rotate them before expiry. For load balancers, a self-signed pair works for testing; Let's Encrypt requires the domain's DNS to already point at the load balancer's floating IP.
| UI Name | API / kc name | Terraform name | Optional | Format | Default | Is read only | Description |
|---|---|---|---|---|---|---|---|
| Certificate PEM | spec.certificatePem |
spec.certificate_pem |
No | string (PEM) | — | No | PEM-encoded certificate, including the intermediate chain |
| Private Key PEM | spec.privateKeyPem |
spec.private_key_pem |
Yes | string (PEM, sensitive, nullable) | — | No | PEM-encoded private key matching the certificate; optional at the API level (a cert-only entry is valid), but the Terraform provider requires it |
Terraform
Python SDK
kc CLI
Resource docs
Examples
More in this section