# Configuring custom certificate authority ## Datasource requests If you need to execute request to sources with custom authority then you need to configure the datasource container to use extra certificate. In Docker Compose deployments, it's essential to store the certificate as a file in the file system and then connect this file to the `datasource` container. 1\. Place the necessary certificates in a directory linked as a volume for the `datasource` container. The following code example employs the `./ca` directory. 2\. Adjust the `docker-compose.yaml` file to enable the `datasource` container to link the `./ca` directory as a volume: ``` datasource: container_name: datasource volumes: - ./ca:/usr/datasource/ca ``` 3\. Utilize the provided certificate from the volume by setting it in the `NODE_EXTRA_CA_CERTS` environment variable: ``` datasource: container_name: datasource environment: - NODE_EXTRA_CA_CERTS=/usr/datasource/ca/certificate.pem ``` ## Other requests If your Single Sign-On (SSO) services or OAuth sources require the use of a custom certificate authority, you need to configure the `bakery-back` service. 1\. Create a custom `keystore` on your host machine ``` keytool -genkey -keyalg RSA -keystore mybakerystore.jks ``` 2\. Import your certificate into the keystore ``` keytool -import -trustcacerts -keystore mybakerystore.jks -alias mycert -file file.cer ``` 3\. Update your `docker-compose.yml` file to include a volume for the `bakery-back` service, enabling it to access the custom keystore: ``` bakery-back: container_name: bakery-back depends_on: db: condition: service_healthy image: cruibakeryonprem.azurecr.io/cloud/bakery-back:latest restart: always env_file: .env volumes: - ./keystore_folder:/usr/bakery/keystore_folder ``` 4\. Modify `.env` file to include the following environment variable setting: ``` JAVA_OPTS='-Djavax.net.ssl.trustStore=/usr/bakery/keystore_folder/mybakerystore.jks -Djavax.net.ssl.trustStorePassword=yourpassword' ``` --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.uibakery.io/on-premise/networking-and-security/configuring-custom-certificate-authority.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.