Trusted System Certificates
Page last updated:
The Cloud Foundry Administrator can deploy a set of trusted system certificates to be made available in Linux-based application instances running on the Diego backend. Such instances include buildpack-based apps using the cflinuxfs2 stack and Docker-image-based apps. If the administrator has configured these certificates, they will be available inside the instance containers as files with extension
.crt in the read-only
/etc/cf-system-certificates directory. For cflinuxfs2-based apps, these certificates will also be installed directly in the
/etc/ssl/certs directory, and so will be available automatically to libraries such as
openssl that respect that trust store.