Document custom CA use with replicated SDK

replicatedhq · Sep 20, 2024 · 25e4b6d · 25e4b6d
1 parent 1f065a2
commit 25e4b6d
Showing 1 changed file with 16 additions and 0 deletions.
diff --git a/docs/vendor/replicated-sdk-customizing.md b/docs/vendor/replicated-sdk-customizing.md
@@ -110,6 +110,22 @@ replicated:
     value: my-value-2  
 ```
 
+## Custom Certificate Authority
+
+When installing the Replicated SDK behind a proxy server that terminates TLS and injects a custom certificate, you must provide the CA to the SDK. This can be done by storing the CA in a ConfigMap prior to installation and setting `privateCAsConfigmap` key to the name of the ConfigMap.
+
+To store the CA in a ConfigMap:
+
+1. Create a ConfigMap with the name of `private-ca` and the CA as the data value:
+   ```bash
+   kubectl create configmap -n <NAMESPACE> private-ca --from-file=ca.crt=./ca.crt
+   ```
+1. Add the name of the config map to the values file:
+   ```yaml
+   replicated:
+     privateCAsConfigmap: private-ca
+   ```
+
 ## Add Tolerations
 
 The Replicated SDK provides a `replicated.tolerations` value that allows users to add custom tolerations to the deployment. For more information about tolerations, see [Taints and Tolerations](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/).