Custom CA Root Certificate

You can install custom CA root certificates in your Appsmith container. It is useful when:

1. You interact with internal endpoints that use private SSL certificates via Appsmith without disabling SSL verification.
2. If you have your Appsmith instance behind a firewall or a proxy, that requires SSL decryption.

Set up using custom CA root folder

To set up custom CA certificates using the folder method, follow these steps:

1. Create a ca-certs folder in your stacks folder.

2. Save all your CA root certificates in the ca-certs folder. If your cert file has a .pem extension, rename it to .crt before adding it to the stacks/ca-certs folder

3. Restart Appsmith.

Appsmith checks the ca-certs folder for CA root certificates and applies them on startup.

caution

Removing a certificate from the ca-certs folder will also remove it from the trust store, resulting in the certificate no longer being trusted.

Set up using values.yaml

For Appsmith installations on Kubernetes, you can add custom CA certificates by updating the values.yaml file. Follow these steps:

1. Open values.yaml.

2. Locate the customCAcert section.

3. Add your certificates by pasting their content as shown:

customCAcert:
  cert1: |
    (Paste the certificate content here)
  cert2: |
    (Paste additional certificate content here)

4. Save the file and run the Helm upgrade command to apply your changes:

helm upgrade -i appsmith-ee appsmith-ee/appsmith -n appsmith-ee -f values.yaml

These steps add your custom certificates to the Appsmith trust store.