Document Importing a Custom Certificate Authority for SSO

ArgoCD does not support pointing to a kubernetes secret to trust SSO (OIDC) connections that are not trusted by the container already.

To get around this limitation we have confirmed we can mount a kubernetes secret to a file at /etc/pki/tls/certs/ which is the current location of the system trust store for the argocd image from IronBank.

Document utilizing the available volumes & volumeMounts values available in this chart to mount an existing kubernetes secret to /etc/pki/tls/certs/ within an OIDC Custom CA section of the docs/keycloak.md file.

See the following items for reference:

https://repo1.dso.mil/platform-one/big-bang/apps/core/elasticsearch-kibana/-/blob/main/docs/keycloak.md#oidc-custom-ca
https://repo1.dso.mil/platform-one/big-bang/apps/collaboration-tools/mattermost/-/blob/main-minio2/docs/keycloak.md#oidc-custom-ca

Edited Jul 15, 2021 by Ryan Garcia

Admin message

Document Importing a Custom Certificate Authority for SSO