Configure your domain SSL certificate

To deploy MOSTLY AI, you need to configure SSL certificates for your fully-qualified domain name (FQDN) to enable secure access to the MOSTLY AI web app.

Prerequisites

Obtain your FQDN SSL certificate from your IT department.
Obtain the name of the secret that your IT department creates in the Kubernetes management console. If you have access to the Kubernetes cluster and the certificate, you can create the secret with the following command:
```
kubectl create secret generic mostly-tls-secret --from-file=certificate.pem -n <namespace>
```

Steps

Copy the SSL certificate in the MOSTLY_AI_Helm_chart directory.
Change directory to templates/.
Edit the files:
- mostly-app-ingress.yaml
- mostly-keycloak-ingress.yaml
- mostly-ui-ingress.yaml
In each file, add the lines between the ellipsis inside the spec block (as shown in the excerpt):
```
    spec:
    ...
        tls:
            - hosts:
                - {{ .Values.ingress.fqdn }}
            secretName: MOSTLY_TLS_SECRET
    ...
```
Replace MOSTLY_TLS_SECRET with the name of the secret configured by your IT department in the Kubernetes management console.
In the root of the Helm chart, edit values.yaml and update the ingress.fqdn value with your FQDN.
values.yaml
```
ingress:
    fqdn: mostly.domain.comm
    ...
```
Save all three files.

What's next

Check the deployment checklist for any additional configurations that might be required. You can then continue with the deployment of MOSTLY AI.