Using Custom CA Certificates

If you use custom CA certificates in your deployment process, such as self-signed certificates, you can easily add them to env zero’s Self-Hosted Agent. To do so, you can attach certificates using the customCertificates helm value that can be to the configuration. Its value should be a list of Kubernetes Secret names. Each secret may contain one or more custom certificate files. For instance, you can add your CA file using the following command in your cluster:

kubectl create secret generic my-self-signed-cert --from-file=my-self-signed-cert.cer --namespace=env0-agent

Then, in your Helm values file, add the related config:

yaml

"customCertificates":
  - "my-self-signed-cert"

Now you can proceed with the agent upgrade/installation.

Node.js scriptsDuring env zero deployment some customers may want to use Node.js scripts.

To make sure your script using the custom certificates, please add the NODE_EXTRA_CA_CERTS environment variable with the value of /etc/ssl/certs/ca-certificates.crt. That file contains all the certificates in our agent’s pod.

Ignore CA CertsSet gitSslNoVerify to true in your helm values to ignore CA certs.

Using Cache with PVC Env zero hosted encrypted state

⌘I

GET STARTED

AUTOMATE INFRASTRUCTURE

STANDARDIZE OPERATIONS

CLOUD MANAGEMENT

COLLABORATE SECURELY

GOVERNANCE & USAGE OPTIMIZATION

COMMUNITY & LEARNING RESOURCES

BILLING & PRICING

Using Custom CA Certificates