# Helm

## HQ Changelog

### Added support for certificate / signature verification

In case SAML IdP requires certificate verification, same can be now provided.

{% tabs %}
{% tab title="Reference certificate from Secret" %}
{% code title="values.yaml" %}

```yaml
lensesHq:
  auth:
    saml:
      authnRequestSignature:
        enabled: false
        authnRequestSigningCert:
          referenceFromSecret: true
          secretName: hq-agent-test-authority
          secretKeyName: hq-tls-test.crt.pem
        authnRequestSigningKey:
          secret:
            name: saml-test
            key: privatekey.key
```

{% endcode %}
{% endtab %}

{% tab title="Certificate through String" %}
{% code title="values.yaml" %}

```yaml
lensesHq:
  auth:
    saml:
      authnRequestSignature:
        enabled: false
        authnRequestSigningCert:
          stringData: |
            -----BEGIN CERTIFICATE-----
            ....
            -----END CERTIFICATE-----
        authnRequestSigningKey:
          secret:
            name: saml-test
            key: privatekey.key

```

{% endcode %}

{% endtab %}
{% endtabs %}

### Small bugfixes

* HQ on AutnRequest does not send self-signed certificate to avoid validation issues