Improve configuring of self-signed certificate

Signed-off-by: Sergii Leshchenko <sleshche@redhat.com>

deploy/kubernetes/helm/che/templates/deployment.yaml

@@ -72,17 +72,21 @@ spec:
           valueFrom:
             fieldRef:
               fieldPath: metadata.namespace
+        {{- if .Values.global.tls.enabled }}
+
+        # If self-signed-cert is used then configure Che Server with certificate content
+        # to propagate it to trust store
         {{- if .Values.global.tls.useSelfSignedCerts }}
         - name: CHE_SELF__SIGNED__CERT
           valueFrom:
             secretKeyRef:
-              key: ca.crt
-              name: self-signed-certificate
+              key: tls.crt
+              name: {{ .Values.global.tls.secretName  }}
               optional: false
         {{- end }}
+
         # If workspaces are created in different namespace than Che Server's one
         # then configure Che Server to propagate TLS secret to workspaces' namespaces
-        {{- if .Values.global.tls.enabled }}
         {{- if ne .Release.Namespace .Values.global.cheWorkspacesNamespace }}
         - name: "CHE_INFRA_KUBERNETES_TLS__CERT"
           valueFrom:

deploy/kubernetes/helm/che/values.yaml

@@ -45,12 +45,9 @@ global:
     ## it MUST be pre-created in the configured Che namespace
     secretName: che-tls
 
+    ## If self-signed certificate is enabled
+    ## then certificate from `tls.secretName` will be propagated to Che components' trust stores
     useSelfSignedCerts: false
-    ## Name of a secret that contains `ca.crt` entry with public key
-    ## that will be used for checking server certificate
-    ## Note the helm chart does now create this secret and
-    ## it MUST be pre-created in the configured Che namespace
-    selfSingedCertSecretName: self-signed-cert
 
   gitHubClientID: ""
   gitHubClientSecret: ""