diff --git a/CHANGELOG.md b/CHANGELOG.md
index f33be99bfe43dabb30d6ef517e08bb8949988454..43af8aa35402a60c670c8c80b9fdca5b75bc0641 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -3,6 +3,12 @@
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
 ---
+## [8.2.9-bb.4] (2024-10-22)
+
+### Added
+
+- added trust chain for "ca-certs-entrust-federal-ssp-trust-chain-3"
+
 ## [8.2.9-bb.3] (2024-10-22)
 
 ### Changed
diff --git a/README.md b/README.md
index e340dd1e798bfc82aaf62e13bb01aed4fdbc11f1..63369e1b92acda284011ef20d99734138dce7d35 100644
--- a/README.md
+++ b/README.md
@@ -1,7 +1,7 @@
 <!-- Warning: Do not manually edit this file. See notes on gluon + helm-docs at the end of this file for more information. -->
 # gitlab
 
-![Version: 8.2.9-bb.3](https://img.shields.io/badge/Version-8.2.9--bb.3-informational?style=flat-square) ![AppVersion: v17.2.9](https://img.shields.io/badge/AppVersion-v17.2.9-informational?style=flat-square)
+![Version: 8.2.9-bb.4](https://img.shields.io/badge/Version-8.2.9--bb.4-informational?style=flat-square) ![AppVersion: v17.2.9](https://img.shields.io/badge/AppVersion-v17.2.9-informational?style=flat-square)
 
 GitLab is the most comprehensive AI-powered DevSecOps Platform.
 
@@ -12,7 +12,7 @@ GitLab is the most comprehensive AI-powered DevSecOps Platform.
 
 ## Upstream Release Notes
 
-- The [upstream chart's release notes](https://gitlab.com/gitlab-org/charts/gitlab/-/blob/master/CHANGELOG.md) may help when reviewing this package.
+The [upstream chart's release notes](https://gitlab.com/gitlab-org/charts/gitlab/-/blob/master/CHANGELOG.md) may help when reviewing this package.
 
 ## Learn More
 
@@ -25,9 +25,9 @@ GitLab is the most comprehensive AI-powered DevSecOps Platform.
 - Kubernetes config installed in `~/.kube/config`
 - Helm installed
 
-- Install Helm
+Install Helm
 
-- https://helm.sh/docs/intro/install/
+https://helm.sh/docs/intro/install/
 
 ## Deployment
 
@@ -378,23 +378,24 @@ helm install gitlab chart/
 | global.certificates.customCAs[10].secret | string | `"ca-certs-digicert-nfi-trust-chain-2"` |  |
 | global.certificates.customCAs[11].secret | string | `"ca-certs-entrust-federal-ssp-trust-chain-1"` |  |
 | global.certificates.customCAs[12].secret | string | `"ca-certs-entrust-federal-ssp-trust-chain-2"` |  |
-| global.certificates.customCAs[13].secret | string | `"ca-certs-entrust-managed-service-nfi"` |  |
-| global.certificates.customCAs[14].secret | string | `"ca-certs-exostar-llc"` |  |
-| global.certificates.customCAs[15].secret | string | `"ca-certs-identrust-nfi"` |  |
-| global.certificates.customCAs[16].secret | string | `"ca-certs-lockheed-martin"` |  |
-| global.certificates.customCAs[17].secret | string | `"ca-certs-netherlands-ministry-of-defence"` |  |
-| global.certificates.customCAs[18].secret | string | `"ca-certs-northrop-grumman"` |  |
-| global.certificates.customCAs[19].secret | string | `"ca-certs-raytheon-trust-chain-1"` |  |
-| global.certificates.customCAs[20].secret | string | `"ca-certs-raytheon-trust-chain-2"` |  |
-| global.certificates.customCAs[21].secret | string | `"ca-certs-us-treasury-ssp-trust-chain-1"` |  |
-| global.certificates.customCAs[22].secret | string | `"ca-certs-us-treasury-ssp-trust-chain-2"` |  |
-| global.certificates.customCAs[23].secret | string | `"ca-certs-verizon-cybertrust-federal-ssp"` |  |
-| global.certificates.customCAs[24].secret | string | `"ca-certs-widepoint-federal-ssp-trust-chain-1"` |  |
-| global.certificates.customCAs[25].secret | string | `"ca-certs-widepoint-federal-ssp-trust-chain-2"` |  |
-| global.certificates.customCAs[26].secret | string | `"ca-certs-widepoint-nfi"` |  |
-| global.certificates.customCAs[27].secret | string | `"ca-certs-dod-intermediate-and-issuing-ca-certs"` |  |
-| global.certificates.customCAs[28].secret | string | `"ca-certs-dod-trust-anchors-self-signed"` |  |
-| global.certificates.customCAs[29].secret | string | `"ca-certs-eca"` |  |
+| global.certificates.customCAs[13].secret | string | `"ca-certs-entrust-federal-ssp-trust-chain-3"` |  |
+| global.certificates.customCAs[14].secret | string | `"ca-certs-entrust-managed-service-nfi"` |  |
+| global.certificates.customCAs[15].secret | string | `"ca-certs-exostar-llc"` |  |
+| global.certificates.customCAs[16].secret | string | `"ca-certs-identrust-nfi"` |  |
+| global.certificates.customCAs[17].secret | string | `"ca-certs-lockheed-martin"` |  |
+| global.certificates.customCAs[18].secret | string | `"ca-certs-netherlands-ministry-of-defence"` |  |
+| global.certificates.customCAs[19].secret | string | `"ca-certs-northrop-grumman"` |  |
+| global.certificates.customCAs[20].secret | string | `"ca-certs-raytheon-trust-chain-1"` |  |
+| global.certificates.customCAs[21].secret | string | `"ca-certs-raytheon-trust-chain-2"` |  |
+| global.certificates.customCAs[22].secret | string | `"ca-certs-us-treasury-ssp-trust-chain-1"` |  |
+| global.certificates.customCAs[23].secret | string | `"ca-certs-us-treasury-ssp-trust-chain-2"` |  |
+| global.certificates.customCAs[24].secret | string | `"ca-certs-verizon-cybertrust-federal-ssp"` |  |
+| global.certificates.customCAs[25].secret | string | `"ca-certs-widepoint-federal-ssp-trust-chain-1"` |  |
+| global.certificates.customCAs[26].secret | string | `"ca-certs-widepoint-federal-ssp-trust-chain-2"` |  |
+| global.certificates.customCAs[27].secret | string | `"ca-certs-widepoint-nfi"` |  |
+| global.certificates.customCAs[28].secret | string | `"ca-certs-dod-intermediate-and-issuing-ca-certs"` |  |
+| global.certificates.customCAs[29].secret | string | `"ca-certs-dod-trust-anchors-self-signed"` |  |
+| global.certificates.customCAs[30].secret | string | `"ca-certs-eca"` |  |
 | global.kubectl.image.repository | string | `"registry1.dso.mil/ironbank/gitlab/gitlab/kubectl"` |  |
 | global.kubectl.image.tag | string | `"17.2.9"` |  |
 | global.kubectl.image.pullSecrets[0].name | string | `"private-registry"` |  |
@@ -439,12 +440,12 @@ helm install gitlab chart/
 | nginx-ingress-geo.<<.enabled | bool | `false` |  |
 | nginx-ingress.tcpExternalConfig | string | `"true"` |  |
 | nginx-ingress-geo.<<.tcpExternalConfig | string | `"true"` |  |
-| nginx-ingress-geo.controller.<<.addHeaders.Referrer-Policy | string | `"strict-origin-when-cross-origin"` |  |
 | nginx-ingress.controller.addHeaders.Referrer-Policy | string | `"strict-origin-when-cross-origin"` |  |
 | nginx-ingress-geo.<<.controller.addHeaders.Referrer-Policy | string | `"strict-origin-when-cross-origin"` |  |
-| nginx-ingress-geo.controller.<<.config.annotation-value-word-blocklist | string | `"load_module,lua_package,_by_lua,location,root,proxy_pass,serviceaccount,{,},',\""` |  |
+| nginx-ingress-geo.controller.<<.addHeaders.Referrer-Policy | string | `"strict-origin-when-cross-origin"` |  |
 | nginx-ingress-geo.<<.controller.config.annotation-value-word-blocklist | string | `"load_module,lua_package,_by_lua,location,root,proxy_pass,serviceaccount,{,},',\""` |  |
 | nginx-ingress.controller.config.annotation-value-word-blocklist | string | `"load_module,lua_package,_by_lua,location,root,proxy_pass,serviceaccount,{,},',\""` |  |
+| nginx-ingress-geo.controller.<<.config.annotation-value-word-blocklist | string | `"load_module,lua_package,_by_lua,location,root,proxy_pass,serviceaccount,{,},',\""` |  |
 | nginx-ingress-geo.controller.config.<<.annotation-value-word-blocklist | string | `"load_module,lua_package,_by_lua,location,root,proxy_pass,serviceaccount,{,},',\""` |  |
 | nginx-ingress-geo.controller.config.<<.hsts | string | `"true"` |  |
 | nginx-ingress-geo.<<.controller.config.hsts | string | `"true"` |  |
diff --git a/chart/Chart.yaml b/chart/Chart.yaml
index 6c5f01d18045c1a25f684173f5c24bbac82f7e1f..58c00d189648bbc9283d07df0954b5addd5a28b0 100644
--- a/chart/Chart.yaml
+++ b/chart/Chart.yaml
@@ -1,7 +1,7 @@
 ---
 apiVersion: v1
 name: gitlab
-version: 8.2.9-bb.3
+version: 8.2.9-bb.4
 appVersion: v17.2.9
 description: GitLab is the most comprehensive AI-powered DevSecOps Platform.
 keywords:
diff --git a/chart/bigbang/DoD_CA_certs/Entrust_Federal_SSP/Trust_Chain_3/1-Entrust_Managed_Services_Root_CA.cer b/chart/bigbang/DoD_CA_certs/Entrust_Federal_SSP/Trust_Chain_3/1-Entrust_Managed_Services_Root_CA.cer
new file mode 100644
index 0000000000000000000000000000000000000000..297fb870ef79a04cff40493f461a1824741425d8
--- /dev/null
+++ b/chart/bigbang/DoD_CA_certs/Entrust_Federal_SSP/Trust_Chain_3/1-Entrust_Managed_Services_Root_CA.cer
@@ -0,0 +1,25 @@
+-----BEGIN CERTIFICATE-----
+MIIESDCCAzCgAwIBAgIERIGyKzANBgkqhkiG9w0BAQsFADBuMQswCQYDVQQGEwJV
+UzEQMA4GA1UEChMHRW50cnVzdDEiMCAGA1UECxMZQ2VydGlmaWNhdGlvbiBBdXRo
+b3JpdGllczEpMCcGA1UECxMgRW50cnVzdCBNYW5hZ2VkIFNlcnZpY2VzIFJvb3Qg
+Q0EwHhcNMjMwNzExMjA0ODQ2WhcNMzAxMjExMjExODQ2WjBuMQswCQYDVQQGEwJV
+UzEQMA4GA1UEChMHRW50cnVzdDEiMCAGA1UECxMZQ2VydGlmaWNhdGlvbiBBdXRo
+b3JpdGllczEpMCcGA1UECxMgRW50cnVzdCBNYW5hZ2VkIFNlcnZpY2VzIFJvb3Qg
+Q0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDh8nnc23l3ypxGgcXD
+1eFMYMxKf0x+jmERnuK17RCBNMOoW+ACGlPLacJZMxlzNuvIepaI2aYJr4A3ly7a
+hCHiCHmuiQyPpPKsgwMrp+7juvL6dsx6hyZXdcO80UO58py4l5ExmgQPe61/LXlg
+g7MRK0nxkWRBmwp3M+zQWGiGTRqM8DemwTWQ2xc78wl5etEbf8H5xtPcnrG6/7RZ
+ctXXmW12ov3nsQsBnypediJcE5jr6ibclwRkAMJcSCqlyinx/3Nd7ZjrYCvLJMql
+J1/jBy5kZauQ3S9MgYbzaDexnQww3YL4PPQMA1BZGCzc7L6YbZPWUDWUypHLnO6L
++Zc1AgMBAAGjge0wgeowXwYIKwYBBQUHAQsEUzBRME8GCCsGAQUFBzAFhkNodHRw
+Oi8vcm9vdHdlYi5tYW5hZ2VkLmVudHJ1c3QuY29tL1NJQS9DQWNlcnRzSXNzdWVk
+QnlFTVNSb290Q0EucDdjMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEG
+MEcGA1UdHwRAMD4wPKA6oDiGNmh0dHA6Ly9yb290d2ViLm1hbmFnZWQuZW50cnVz
+dC5jb20vQ1JMcy9FTVNSb290Q0E0LmNybDAdBgNVHQ4EFgQUHCH145WxdX4Gh063
+sOgzsdiKC2UwDQYJKoZIhvcNAQELBQADggEBALloQxqFpitQkBhylYQ5rXcTZpXF
+VhC0xID1Ds6X8C+UeXC++9nJSgZNWIvlxZ0hURc/wMIPPmrdNTva5y8iAlFL9Ly4
+R4ryuCPO/EyJws1H9y/BEnELX1nhHUNxXsPbHGuF6JEfg/er8N73Bc0OEXYtXCGt
+NaSMCCJw0BM3djrnxvk4U3pC07BtYsavDtgsc9S1lQBxO2rW/kRLuLh7nW7TVSHw
+vKZmQIYvlxRNnmRmCwToGHd2r+JjgRjyDxYjFtvrf4kguNgM1ByonGsUGs1jSwdJ
+E7++XFI0+8jOrknWHkrOHPcjK8Z0RZlAgZNYtnOsCspZf+VdJ3vlYhljGyM=
+-----END CERTIFICATE-----
diff --git a/chart/bigbang/DoD_CA_certs/Entrust_Federal_SSP/Trust_Chain_3/2-Entrust_Managed_Services_SSP_CA.cer b/chart/bigbang/DoD_CA_certs/Entrust_Federal_SSP/Trust_Chain_3/2-Entrust_Managed_Services_SSP_CA.cer
new file mode 100644
index 0000000000000000000000000000000000000000..e1f051497e3826d936fd25069ee2e82dc191d7c5
--- /dev/null
+++ b/chart/bigbang/DoD_CA_certs/Entrust_Federal_SSP/Trust_Chain_3/2-Entrust_Managed_Services_SSP_CA.cer
@@ -0,0 +1,30 @@
+-----BEGIN CERTIFICATE-----
+MIIFLjCCBBagAwIBAgIERIGyLzANBgkqhkiG9w0BAQsFADBuMQswCQYDVQQGEwJV
+UzEQMA4GA1UEChMHRW50cnVzdDEiMCAGA1UECxMZQ2VydGlmaWNhdGlvbiBBdXRo
+b3JpdGllczEpMCcGA1UECxMgRW50cnVzdCBNYW5hZ2VkIFNlcnZpY2VzIFJvb3Qg
+Q0EwHhcNMjMwNzExMjEzMzMxWhcNMzAxMTExMjIwMzMxWjBtMQswCQYDVQQGEwJV
+UzEQMA4GA1UEChMHRW50cnVzdDEiMCAGA1UECxMZQ2VydGlmaWNhdGlvbiBBdXRo
+b3JpdGllczEoMCYGA1UECxMfRW50cnVzdCBNYW5hZ2VkIFNlcnZpY2VzIFNTUCBD
+QTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMAGndnOscVr13p4WiQI
+Pt893DK1LeACg6qgW636I8VLlJGJQwao4lrT1kajgKR2Wx4KLMv6yKmqUfUuAoyq
+PEHaDNVpWTqKI6g5m3Hckq73Sr8fIGxVMzi5qxxyll2SKvNh+qQnloFSKmSerF6d
+nkaIfMOb3FH21akkYdwnQkAdsETmjfhiowapyd2LJzsuhWFybaNHJBYb1cUeNlGS
+StD0gMmkHZqKll+LW+LAJJW18KXf8IT6QTTlb6syemcXUHkxFPtgsupWnhzuoo2k
+yUFXiCmACvD1aBT06OCK/qhAO5Aif98ejzzf/Y9yFiJyigY2D2YVONp+j52DLZvI
+7DMCAwEAAaOCAdMwggHPMA4GA1UdDwEB/wQEAwIBBjB5BgNVHSAEcjBwMAwGCmCG
+SAFlAwIBAwYwDAYKYIZIAWUDAgEDBzAMBgpghkgBZQMCAQMIMAwGCmCGSAFlAwIB
+Aw0wDAYKYIZIAWUDAgEDETAMBgpghkgBZQMCAQMnMAwGCmCGSAFlAwIBAygwDAYK
+YIZIAWUDAgEDKTASBgNVHRMBAf8ECDAGAQH/AgEAMIGkBggrBgEFBQcBAQSBlzCB
+lDBNBggrBgEFBQcwAoZBaHR0cDovL3Jvb3R3ZWIubWFuYWdlZC5lbnRydXN0LmNv
+bS9BSUEvQ2VydHNJc3N1ZWRUb0VNU1Jvb3RDQS5wN2MwQwYIKwYBBQUHMAGGN2h0
+dHA6Ly9vY3NwLm1hbmFnZWQuZW50cnVzdC5jb20vT0NTUC9FTVNSb290Q0FSZXNw
+b25kZXIwRwYDVR0fBEAwPjA8oDqgOIY2aHR0cDovL3Jvb3R3ZWIubWFuYWdlZC5l
+bnRydXN0LmNvbS9DUkxzL0VNU1Jvb3RDQTQuY3JsMB8GA1UdIwQYMBaAFBwh9eOV
+sXV+BodOt7DoM7HYigtlMB0GA1UdDgQWBBSbf7YpDdHvrjJAb/jC2Xy0wJdQljAN
+BgkqhkiG9w0BAQsFAAOCAQEA1vUT2MZh/9O2onlBBakuMo0vGE6898nSJWnftaUt
+coCmHvMcT1URGxv7pb9oap4aXq37IItLpw5Fp/0hncaX0ebivk3FiY28mHEm1Bpr
+cx+Ooo0Yfg0y2ShRDMUpYdy4QvCggwewvKgv8A9tGTHlsWAgd/WctcIjwGxH9YYK
+yOYEYQVZACFNAist3WCrnp65JpEJIyerpxGNQJMqDTFSABt8pTy/5u3OP8N/KiEW
+sB/OBQidSSnUdpHGinY6G+5tXxOAKbUM5qWkAGpg5NEyZLbIVMrGbU11F8INIz3o
+VBd4nYfYZ3vNgNMHnhHgxFWs0uxiXK+TBD0Qc1ycCX+B3A==
+-----END CERTIFICATE-----
diff --git a/chart/values.yaml b/chart/values.yaml
index b76b4f19bba6cc48a178af1100124589f4b2a53e..325c5c57b4527b53dbae578b1d7ecec5b8b0bb0a 100644
--- a/chart/values.yaml
+++ b/chart/values.yaml
@@ -846,6 +846,7 @@ global:
       - secret: ca-certs-digicert-nfi-trust-chain-2
       - secret: ca-certs-entrust-federal-ssp-trust-chain-1
       - secret: ca-certs-entrust-federal-ssp-trust-chain-2
+      - secret: ca-certs-entrust-federal-ssp-trust-chain-3
       - secret: ca-certs-entrust-managed-service-nfi
       - secret: ca-certs-exostar-llc
       - secret: ca-certs-identrust-nfi