github.com/jaredpalmer/terraform@v1.1.0-alpha20210908.0.20210911170307-88705c943a03/website/docs/cli/plugins/signing.html.md (about) 1 --- 2 layout: "docs" 3 page_title: "Plugin Signing" 4 description: "Learn about the types of signatures providers can have on the Terraform Registry." 5 --- 6 7 <!-- THIS PAGED IS LINKED TO IN THE CLI --> 8 9 # Plugin Signing 10 11 ~> **Note** Currently only provider plugins fetched from a registry are authenticated. 12 13 Terraform providers installed from the Registry are cryptographically signed, and the signature is verified at time of installation. There are three types of provider signatures, each with different trust implications: 14 15 * **Signed by HashiCorp** - are built, signed, and supported by HashiCorp. 16 * **Signed by Trusted Partners** - are built, signed, and supported by a third party. HashiCorp has 17 verified the ownership of the private key and we provide a chain of trust to the CLI to verify this 18 programatically. 19 * **Self-signed** - are built, signed, and supported by a third party. HashiCorp does not provide a 20 verification or chain of trust for the signature. You may obtain and validate fingerprints manually 21 if you want to ensure you are using a binary you can trust. 22 23 Terraform does **NOT** support fetching and using unsigned binaries, but you can manually install 24 unsigned binaries. You should take extreme care when doing so as no programatic authentication is performed. 25 26 Usage of plugins from the registry is subject to the Registry's [Terms of Use](https://registry.terraform.io/terms).