camunda / camunda-platform-helm

Camunda Platform 8 Self-Managed Helm charts
https://docs.camunda.io/docs/self-managed/overview/
Apache License 2.0

[ENHANCEMENT] Add a custom trust store to Console #1850

Open hamza-m-masood opened 1 month ago

hamza-m-masood commented 1 month ago

Describe the use case:

Research and implement adding a trust store to Console. For example, a use case for this feature would be to add self-signed certificates to Console. Research is required since Console is not a Java application. It is made with Vue and JavaScript. The same functionality can't be replicated from other Java apps. Related Slack thread: https://camunda.slack.com/archives/C03UR0V2R2M/p1716362967508299

Describe the enhancement/feature:

Currently, in other applications, it is possible to add a custom trust store through the use of the JAVA_TOOL_OPTIONS env var. Here is an excerpt from the Optimize deployment template:

env:
  # Point the JVM at the mounted trust store
  - name: JAVA_TOOL_OPTIONS
    value: -Djavax.net.ssl.trustStore=/optimize/certificates/externaldb.jks
volumeMounts:
  # Mount only the JKS file from the secret volume
  - name: keystore
    mountPath: /optimize/certificates/externaldb.jks
    subPath: externaldb.jks
volumes:
  - name: keystore
    secret:
      secretName: {{ .Values.global.elasticsearch.tls.existingSecret }}
      optional: false

It would be ideal to have a dedicated folder to store the file with the trust store, just like there are dedicated folders in other Java-based applications.

Desired outcome and acceptance tests:

hamza-m-masood commented 1 month ago

Please let me know if I have missed anything @theburi

kam-uddin commented 3 weeks ago

To work around the issue, the user can set the environment variable NODE_EXTRA_CA_CERTS to the path of the root cert. This approach is already used by Identity here. This worked for a customer in SUPPORT-22029.
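
The NODE_EXTRA_CA_CERTS workaround from the comment above, written as a Kubernetes pod spec fragment that mirrors the Optimize excerpt in the issue description. This is an added example, not part of the thread or of the chart's own templates; the container name, Secret name, key and mount path are placeholders.

```yaml
# Added example: pod spec fragment for a Node.js container such as Console.
# All names and paths below are placeholders, not values from the chart.
spec:
  template:
    spec:
      containers:
        - name: console
          env:
            # Node.js reads this variable once, at process start, and adds the
            # certificates in the file to its built-in root CAs. It extends the
            # default trust roots; it does not replace them.
            - name: NODE_EXTRA_CA_CERTS
              # Must be one or more PEM-encoded certificates. A JKS store, as
              # used with JAVA_TOOL_OPTIONS, is not accepted here.
              value: /certs/extra-ca.pem
          volumeMounts:
            # Mount only the CA file, read-only, from the secret volume
            - name: extra-ca
              mountPath: /certs/extra-ca.pem
              subPath: extra-ca.pem
              readOnly: true
      volumes:
        - name: extra-ca
          secret:
            # Placeholder Secret with key "extra-ca.pem" holding the CA cert(s).
            # Only public certificates belong in it, never a private key.
            secretName: console-extra-ca
            # Fail pod start if the Secret is missing rather than starting
            # without the extra trust roots.
            optional: false
```

Because the variable is read only at startup and a subPath mount does not receive Secret updates, replacing the CA certificate requires restarting the pod.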