Certificate Authority
- Environmental Variable:
CERTIFICATE_AUTHORITY
orCERTIFICATE_AUTHORITY_FILE
- Config File Key:
certificate_authority
orcertificate_authority_file
- Kubernetes: not supported
- Type: base64 encoded
string
or relative file location - Optional
This defines a set of root certificate authorities that Pomerium uses when communicating with other TLS-protected services.
Note: Unlike route-specific certificate authority settings, this setting augments (rather than replaces) the system's trust store. But routes that specify a CA will ignore those provided here.
danger
Be sure to include the intermediary certificate.