9737: Updating cert content for workbenches

modules/using-certificates-with-workbenches.adoc

@@ -6,19 +6,38 @@
 [IMPORTANT]
 ====
 ifdef::upstream[]
-Self-signed certificates apply to workbenches that you create after configuring self-signed certificates centrally as described in link:{odhdocshome}/installing-open-data-hub/#understanding-certificates_certs[Understanding certificates in {productname-short}]. There is no change to workbenches that you created before configuring self-signed certificates.
+Self-signed certificates apply by default to workbenches that you create after configuring the certificates centrally as described in link:{odhdocshome}/installing-open-data-hub/#understanding-certificates_certs[Understanding certificates in {productname-short}]. To apply centrally configured certificates to an existing workbench, stop and then restart the workbench.
 endif::[]
 ifndef::upstream[]
 ifdef::cloud-service[]
-Self-signed certificates apply to workbenches that you create after configuring self-signed certificates centrally as described in link:{rhoaidocshome}{default-format-url}/installing_and_uninstalling_{url-productname-short}/working-with-certificates_certs[Working with certificates]. There is no change to workbenches that you created before configuring self-signed certificates.
+Self-signed certificates apply by default to workbenches that you create after configuring the certificates centrally as described in link:{rhoaidocshome}{default-format-url}/installing_and_uninstalling_{url-productname-short}/working-with-certificates_certs[Working with certificates]. To apply centrally configured certificates to an existing workbench, stop and then restart the workbench.
 endif::[]
 ifdef::self-managed[]
-Self-signed certificates apply to workbenches that you create after configuring self-signed certificates centrally as described in link:{rhoaidocshome}{default-format-url}/installing_and_uninstalling_{url-productname-short}/working-with-certificates_certs[Working with certificates] (for disconnected environments, see link:{rhoaidocshome}{default-format-url}/installing_and_uninstalling_{url-productname-short}_in_a_disconnected_environment/working-with-certificates_certs[Working with certificates]. There is no change to workbenches that you created before configuring self-signed certificates.
+Self-signed certificates apply by default to workbenches that you create after configuring the certificates centrally as described in link:{rhoaidocshome}{default-format-url}/installing_and_uninstalling_{url-productname-short}/working-with-certificates_certs[Working with certificates] (for disconnected environments, see link:{rhoaidocshome}{default-format-url}/installing_and_uninstalling_{url-productname-short}_in_a_disconnected_environment/working-with-certificates_certs[Working with certificates]. To apply centrally configured certificates to an existing workbench, stop and then restart the workbench.
 endif::[]
 endif::[]
 ====
 
+Self-signed certificates are stored in `/etc/pki/tls/custom-certs/ca-bundle.crt`. Workbenches are preset with an environment variable that points packages to this path, and that covers many popular HTTP client packages. For packages that are not included by default, you can provide this certificate path. For example, for the `kfp` package to connect to the data science pipeline server:
+
+[source]
+----
+from kfp.client import Client
+
+with open(sa_token_file_path, 'r') as token_file:
+    bearer_token = token_file.read()
+
+    client = Client(
+        host='https://<GO_TO_ROUTER_OF_DS_PROJECT>/',
+        existing_token=bearer_token,
+        ssl_ca_cert='/etc/pki/tls/custom-certs/ca-bundle.crt'
+    )
+    print(client.list_experiments())
+----
+
+
 == Creating data science pipelines with Elyra and self-signed certificates
 
 To create pipelines using a workbench that contains the Elyra extension and which uses self-signed certificates, see the link:https://access.redhat.com/solutions/7046302[Workbench workaround for executing a pipeline using Elyra in a disconnected environment] knowledgebase article.
 
+