Trusted Certificate Authority

Authservice can be configured with additional trusted certificate bundle in cases where UDS Core ingress gateways are deployed with private PKI.

To configure, set UDS_CA_CERT as an environment variable with a Base64 encoded PEM formatted certificate bundle that can be used to verify the certificates of the tenant gateway.

Alternatively you can specify the CA_CERT variable in your uds-config.yaml:

variables:
  core:
    CA_CERT: <base64 encoded certificate authority>

See configuring Istio Ingress for the relevant documentation on configuring ingress certificates.