Installation of Custom SSL CA Certificates
Accurids can be set up to interface with external systems, such as web servers that host ontologies or SparQL endpoints. To ensure secure connections to these external systems, usually TLS encryption is employed.
Should your organization rely on an internal certificate authority (CA) for validating specific system certificates, you may consider including these authorities in the accepted CAs list to facilitate connections to a system.
Configure the Accurids Docker container:
- Set the environment variable
USE_SYSTEM_CA_CERTStotrue. - Mount a volume containing your certificate files to the container's directory
/certificates.
If you are using a Kubernetes environment, you could for example mount a configmap ca-certificates containing the certificates (see also the Kubernetes documentation):
kind: StatefulSet
metadata:
name: accurids
[...]
spec:
[...]
template:
spec:
containers:
- name: accurids
env:
- name: USE_SYSTEM_CA_CERTS
value: "true"
volumeMounts:
- name: certificates
mountPath: /certificates
[...]
volumes:
- name: certificates
configMap:
name: ca-certificates
[...]