From ecff5d4ddfedb1e8b9050010707fc226578ce96e Mon Sep 17 00:00:00 2001
From: matttrach <matt.trachier@suse.com>
Date: Tue, 8 Oct 2024 15:44:31 -0500
Subject: [PATCH] fix: add certificate chain

Signed-off-by: matttrach <matt.trachier@suse.com>
---
 flake.lock             | 6 +++---
 modules/domain/main.tf | 9 +++++----
 2 files changed, 8 insertions(+), 7 deletions(-)

diff --git a/flake.lock b/flake.lock
index 3d9f83b..0566f82 100644
--- a/flake.lock
+++ b/flake.lock
@@ -20,11 +20,11 @@
     },
     "nixpkgs": {
       "locked": {
-        "lastModified": 1726583932,
-        "narHash": "sha256-zACxiQx8knB3F8+Ze+1BpiYrI+CbhxyWpcSID9kVhkQ=",
+        "lastModified": 1728279793,
+        "narHash": "sha256-W3D5YpNrUVTFPVU4jiEiboaaUDShaiH5fRl9aJLqUnU=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "658e7223191d2598641d50ee4e898126768fe847",
+        "rev": "f85a2d005e83542784a755ca8da112f4f65c4aa4",
         "type": "github"
       },
       "original": {
diff --git a/modules/domain/main.tf b/modules/domain/main.tf
index 9ee740a..84702aa 100644
--- a/modules/domain/main.tf
+++ b/modules/domain/main.tf
@@ -122,10 +122,11 @@ resource "aws_iam_server_certificate" "new" {
     tls_cert_request.req,
     acme_certificate.new,
   ]
-  count            = local.create_cert
-  name_prefix      = "${local.content}-"
-  certificate_body = acme_certificate.new[0].certificate_pem
-  private_key      = tls_private_key.cert_private_key[0].private_key_pem
+  count             = local.create_cert
+  name_prefix       = "${local.content}-"
+  certificate_body  = acme_certificate.new[0].certificate_pem
+  certificate_chain = "${acme_certificate.new[0].certificate_pem}${acme_certificate.new[0].issuer_pem}"
+  private_key       = tls_private_key.cert_private_key[0].private_key_pem
   lifecycle {
     create_before_destroy = true
   }