Configuring Custom Root CA Certificate
If your organization uses its own custom Certificate Authority, CDSW engines will not be able to automatically recognise the custom CA's root certificate. You must add your internal root CA certificate and all the intermediate certificates in the chain to CDSW so that it is inserted into the engine's root certificate store every time a session (or any workload) is launched. This will allow processes inside the engine to communicate securely with the ingress controller.
- Download /etc/ssl/certs/ca-certificates.crt: ca-certificates.crt.
- Log in to CDSW as a site administrator.
- Go to .
- Under the Root CA Configuration section, paste in the contents of your organization's internal root CA certificate
file and all the Intermediate CA certificate(s) that are there in your trust chain at the end of the ca-certificates.crt file that you downloaded before.
cat ca.crt >> /etc/ssl/certs/ca-certificates.crtThe contents of the certificate should remain in .CRT format. For example:
---BEGIN CERTIFICATE--- xxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxx ... ---END CERTIFICATE---The contents of this field are then inserted into the engine's root certificate store every time a session (or any workload) is launched. This allows processes inside the engine to communicate with the ingress controller.
- Click Update.