diff --git a/README.md b/README.md
index 84f7567..026e5dd 100644
--- a/README.md
+++ b/README.md
@@ -76,7 +76,18 @@ If you have a hostname that you'd like to use for your instance, change all inst
 file to your hostname. Be sure to leave the text (e.g. "https://") before and after "localhost" the same. Be sure this hostname is properly configured in your DNS settings and your reverse proxy to point to your kubernetes cluster.
-### 3. Deploy the Flame Node
+### 3. Add Custom Certificates (optional)
+
+If the `node` is going to be deployed to an environment where outbound requests are intercepted for inspection by
+leveraging custom certificates then these certificates have to be provisioned for `node` components to pick them up for
+use.
+
+To do so, add any related certificate in `PEM` format to `flame/certs/` using `.pem` as the file extension.
+
+> [!IMPORTANT]
+> Make sure that all certificates together are not larger than 1MB (due to k8s constraints)!
+
+### 4. Deploy the Flame Node
 Initial deployment will take some time (minutes) to pull of the images, execute the jobs, and to populate the containers. Please be patient during the installation process. Once you have your configured values YAML file, you can perform installation using helm:
diff --git a/flame/certs/.gitkeep b/flame/certs/.gitkeep
new file mode 100644
index 0000000..e69de29
diff --git a/flame/templates/additional-certs-configmap.yaml b/flame/templates/additional-certs-configmap.yaml
new file mode 100644
index 0000000..18d3e38
--- /dev/null
+++ b/flame/templates/additional-certs-configmap.yaml
@@ -0,0 +1,9 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: flame-additional-certs
+data:
+ certs.pem: |
+{{- range $path, $_ := .Files.Glob "certs/**.pem" }}
+{{ $.Files.Get $path | toString | trim | indent 4 -}}
+{{- end }}
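Review bot: With the shipped `flame/certs/` holding only `.gitkeep`, the `range` over `.Files.Glob "certs/**.pem"` emits nothing and the ConfigMap still renders with `certs.pem` as an empty string, so every pod that mounts it points `NODE_EXTRA_CA_CERTS` at an empty file; Node appears to log a load warning for that rather than fail, but this should be confirmed and stated in the README section added above. The template also carries no comment saying that every matched file is concatenated into one bundle that becomes a trust anchor for all components mounting it, which is the fact a maintainer dropping a file into that directory most needs; I would add `# Every *.pem under flame/certs/ is concatenated into one CA bundle that pods load via NODE_EXTRA_CA_CERTS; keep the total under the 1MiB ConfigMap limit.` above `apiVersion`. As a minor point of style, `toString` on the `.Files.Get` output is redundant, since it is already a string.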
diff --git a/node-message-broker/helm/templates/node-message-broker-deployment.yml b/node-message-broker/helm/templates/node-message-broker-deployment.yml
index c2629ff..68d6965 100644
--- a/node-message-broker/helm/templates/node-message-broker-deployment.yml
+++ b/node-message-broker/helm/templates/node-message-broker-deployment.yml
@@ -26,7 +26,7 @@ spec:
 restartPolicy: "Always"
 containers:
 - name: {{ .Release.Name }}-node-message-broker
- image: ghcr.io/privateaim/node-message-broker:{{ .Chart.AppVersion }}
+ image: "ghcr.io/privateaim/node-message-broker:{{ .Chart.AppVersion }}"
 imagePullPolicy: "Always"
 securityContext:
 runAsNonRoot: true
@@ -50,7 +50,7 @@ spec:
 - name: HUB_AUTH_BASE_URL
 value: {{ required "A valid HUB Auth base URL is required." (include "broker.hub.authApi" .) | default "https://auth.privateaim.net/" | quote }}
 - name: HUB_MESSENGER_BASE_URL
- value: {{ required "A valid HUB Messenger base URL is required." (include "broker.hub.messengerApi" .) | default "https://messenger.privateaim.net/" | quote }}
+ value: {{ required "A valid HUB Messenger base URL is required." (include "broker.hub.messengerApi" .) | default "https://messenger.privateaim.net/" | quote }}
 - name: HUB_AUTH_ROBOT_ID
 value: {{ required "A robot ID for the Hub is required." (include "broker.hub.robotUser" .) | quote }}
 - name: HUB_AUTH_ROBOT_SECRET
@@ -58,9 +58,15 @@ spec:
 secretKeyRef:
 name: {{ .Release.Name }}-node-message-broker-hub-auth
 key: robot-secret
+ - name: NODE_EXTRA_CA_CERTS
+ value: "/mnt/certs/certs.pem"
 # DO NOT USE THIS IN PRODUCTION!!! This is just for internal testing purposes.
 - name: NODE_TLS_REJECT_UNAUTHORIZED
 value: "0"
+ volumeMounts:
+ - mountPath: "/mnt/certs/certs.pem"
+ name: additional-certs
+ subPath: "certs.pem"
 resources:
 requests:
 memory: "256Mi"
@@ -81,3 +87,7 @@ spec:
 initialDelaySeconds: 90
 periodSeconds: 10
 timeoutSeconds: 10
+ volumes:
+ - name: additional-certs
+ configMap:
+ name: flame-additional-certs
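Review bot: The new `NODE_EXTRA_CA_CERTS` entry in the `@@ -58,9 +58,15 @@` hunk sits directly above the unchanged `NODE_TLS_REJECT_UNAUTHORIZED` / `value: "0"` lines, which still disable certificate verification for every outbound TLS connection the broker makes, so the bundle mounted here is never consulted for chain validation and the `# DO NOT USE THIS IN PRODUCTION!!!` comment remains in force. Now that a custom CA can be provisioned, those two lines should be removed, or gated behind an explicit values flag that defaults to off, so the extra certificates actually take effect. Separately, the mount uses `subPath`, and Kubernetes does not propagate ConfigMap updates into subPath mounts, so a rotated bundle only reaches the broker after a pod restart; a comment on the `volumeMounts` entry such as `# subPath mount: a changed bundle is picked up only after the pod restarts` would save an operator a confusing debugging session.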
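Review bot: The `additional-certs` volume added in the `@@ -81,3 +87,7 @@` hunk references `flame-additional-certs` by name with no `optional` flag, while that ConfigMap is rendered by a different chart (`flame/templates/additional-certs-configmap.yaml`), so installing or upgrading this chart on its own leaves the pod stuck in ContainerCreating with a missing-ConfigMap event. Adding `optional: true` under `configMap:` keeps the mount best-effort; what the `subPath` mount then yields when the key is absent (empty file versus missing path) is worth verifying against the target Kubernetes version. The identical `volumes` block added in `node-ui/templates/node-ui-deployment.yaml` has the same gap.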
diff --git a/node-ui/templates/node-ui-deployment.yaml b/node-ui/templates/node-ui-deployment.yaml
index d3ed5a4..435a593 100644
--- a/node-ui/templates/node-ui-deployment.yaml
+++ b/node-ui/templates/node-ui-deployment.yaml
@@ -47,3 +47,13 @@ spec:
 key: {{ include "ui.keycloak.secretKey" . }}
 - name: NUXT_AUTH_SECRET
 value: {{ randAlphaNum 32 | b64enc }}
+ - name: NODE_EXTRA_CA_CERTS
+ value: "/mnt/certs/certs.pem"
+ volumeMounts:
+ - mountPath: "/mnt/certs/certs.pem"
+ name: additional-certs
+ subPath: "certs.pem"
+ volumes:
+ - name: additional-certs
+ configMap:
+ name: flame-additional-certs