Version: 1.2.0

Custom CA certificates

It's possible to add own CA certificates to components' trust store. To do that, config-map with CA bundle has to be present in kubernetes cluster.

CA certificates bundle

User can load multiple certificates into Feature Store components. All certificates have to be bundled in one config item and store in k8s config map, eg:

apiVersion: v1
kind: ConfigMap
metadata:
  name: pem-ca-bundle
data:
  rootCA.pem: |
    -----BEGIN CERTIFICATE-----
    FjAUBgNVBAsMDUZlYXR1cmUtU3RvcmUxDzANBgNVBAMMBlJvb3RDQTCCASIwDQYJ
    ...
    KoZIhvcNAQEBBQADggEPADCCAQoCggEBAMaL6==
    -----END CERTIFICATE-----
    -----BEGIN CERTIFICATE-----
    MIIDTjCCAjYCCQDjradeTuANSjANBgkqhkiG9w0BAQsFADBpMQswCQYDVQQGEwJQ
    ...
    ftAwrrWU2poHRkQQY5CxatxMPgSxievLCwWq7qnzHpXtbw==
    -----END CERTIFICATE-----
    -----BEGIN CERTIFICATE-----
    TDEPMA0GA1UECAwGS3Jha293MQ8wDQYDVQQHDAZLcmFrb3cxDzANBgNVBAoMBkgy
    ...
    Jvo2e6md7u/SB0Rgy6TCbohRVmoqCbuiTfqjJpaLhNVFu==
    -----END CERTIFICATE-----
    ...

Configure Feature Store

To add own CA certificates into Feature Store users have point the config map with the certificate through Helm values:

Helm Value	Default	Description
`global.extraTrustedCertificates.configMapName`	`empty`	ConfigMap name with CA certificates bundle
`global.extraTrustedCertificates.caBundleKey`	`ca_bundle.pem`	ConfigMap key name with certificates list

Feedback

Submit and view feedback for this page
Send feedback about H2O Feature Store to cloud-feedback@h2o.ai

Custom CA certificates

CA certificates bundle​

Configure Feature Store​

CA certificates bundle

Configure Feature Store