Skip to main content

Plugin Signing

OpenTofu providers installed from the Registry are cryptographically signed and the signature is verified at time of installation.

OpenTofu does NOT support fetching and using unsigned binaries, but you can manually install unsigned binaries. You should take extreme care when doing so as no programatic authentication is performed.