# SSL Cert Parsing

When working with service meshes on various platforms, there is a benefit in supporting multiple methods for accessing secrets. Some platforms (like Kubernetes and OpenShift) provide means of securely storing secrets and mounting them in to running containers.

Others, like AWS ECS and the AWS Secrets manager, don't support such easy operations. To support operations on these other platforms, the **Grey Matter Proxy** contains functionality to parse a limited selection of Base64 encoded SSL certificates and write them directly to disk.

| Variable            | Default | Description                                       |
| ------------------- | ------- | ------------------------------------------------- |
| `INGRESS_TLS_CERT`  | ""      | Written out to `./certs/ingress_localhost.crt`    |
| `INGRESS_TLS_KEY`   | ""      | Written out to `./certs/ingress_localhost.key`    |
| `INGRESS_TLS_TRUST` | ""      | Written out to `./certs/ingress_intermediate.crt` |
| `EGRESS_TLS_CERT`   | ""      | Written out to `./certs/egress_localhost.crt`     |
| `EGRESS_TLS_KEY`    | ""      | Written out to `./certs/egress_localhost.key`     |
| `EGRESS_TLS_TRUST`  | ""      | Written out to `./certs/egress_intermediatet.c`   |

## Questions

{% hint style="success" %}
**Need help with SSL cert parsing?**

Create an account at [Grey Matter Support](https://support.greymatter.io/support/home) to reach our team.
{% endhint %}