diff --git a/ca-issuer/Chart.yaml b/ca-issuer/Chart.yaml
new file mode 100644
index 000000000..8bbb8fe1a
--- /dev/null
+++ b/ca-issuer/Chart.yaml
@@ -0,0 +1,18 @@
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+appVersion: "1.0"
+description: Certificate Issuer chart for OSH
+home: https://cert-manager.io/
+name: ca-issuer
+version: 0.1.0
diff --git a/ca-issuer/requirements.yaml b/ca-issuer/requirements.yaml
new file mode 100644
index 000000000..d4b01e182
--- /dev/null
+++ b/ca-issuer/requirements.yaml
@@ -0,0 +1,13 @@
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+dependencies: []
diff --git a/ca-issuer/templates/issuer-ca.yaml b/ca-issuer/templates/issuer-ca.yaml
new file mode 100644
index 000000000..0ac29ffac
--- /dev/null
+++ b/ca-issuer/templates/issuer-ca.yaml
@@ -0,0 +1,24 @@
+{{/*
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+   http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/}}
+
+---
+apiVersion: cert-manager.io/v1alpha3
+kind: Issuer
+metadata:
+  name: {{ .Values.conf.ca.issuer.name }}
+  namespace: {{ .Release.Namespace }}
+spec:
+  ca:
+    secretName: {{ .Values.conf.ca.secret.name }}
+...
diff --git a/ca-issuer/templates/secret-ca.yaml b/ca-issuer/templates/secret-ca.yaml
new file mode 100644
index 000000000..8b345098f
--- /dev/null
+++ b/ca-issuer/templates/secret-ca.yaml
@@ -0,0 +1,24 @@
+{{/*
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+   http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/}}
+
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ .Values.conf.ca.secret.name }}
+  namespace: {{ .Release.Namespace }}
+data:
+  tls.crt: {{ .Values.conf.ca.secret.crt | default "" | b64enc }}
+  tls.key: {{ .Values.conf.ca.secret.key | default "" | b64enc }}
+...
diff --git a/ca-issuer/values.yaml b/ca-issuer/values.yaml
new file mode 100644
index 000000000..94f893a7c
--- /dev/null
+++ b/ca-issuer/values.yaml
@@ -0,0 +1,21 @@
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+---
+conf:
+  ca:
+    issuer:
+      name: ca-issuer
+    secret:
+      name: secret-name
+      crt: null
+      key: null
+...