To be able to add a certificate to an Artifactory installation using helm, you should follow these steps:
1. If you don't already have a certificate, obtain or create one
Create a Kubernetes Secret to store the certificate in the same NS of Artifactory
<kubectl create secret generic new-cert --from-file=./<CERTNAME>.crt -n <NAMESPACE>
2. Add the following lines to your values.yaml file, ensuring correct indentation:
artifactory: customCertificates: enabled: true certificateSecretName: new-cert
3. This can be performed as part of an upgrade, or as a new installation. Lets update or create the release of Artifactory
helm upgrade <ReleaseName> -f values.yaml jfrog/artifactory -n <NameSpace>
4. To check if the certification was correctly inserted, SSH to the Artifactory container and check if it exists in the
JVM keystore: /opt/jfrog/artifactory/app/third-party/java/bin/keytool -list -storepass changeit -v -keystore /opt/jfrog/artifactory/app/third-party/java/lib/security/cacerts | grep "new-cert"
If you find your file, the certificate was properly added to the JVM Keystore.