I am currently trying to setup ldaps for a sonarqube instance running on kubernetes, but for ldaps to work I need to add the ca to the Java store, ideally I would do this without having to alter the image or doing it manually as it would need to be redone whenever the pod is recreated which goes against kubernetes principles of pods being spendable
Ideally you WOULD alter your image, or rather create a new, reusable parent image. This would then extend your usual parent image, e.g. some alpine linux, and copy your cerificate data into the image which is then to be imported to your images linux trust store. This is the easiest and most straight forward way I know.