Providing a self-signed certificate to jupyterhub

Hello, I am trying to use keycloak as external identity provider for jupyterhub. Everything is installed via helm and works fine but jupyterhub doesn't trust keycloak by default. How should I properly provide keycloak's self-signed certificate to jupyterhub?
