Documentation Content

With v1.13, the operator has updated the default TLS termination policy of the server Route from Passthrough to Reencrypt.  The Route controller will now rely on the default ingress certificate instead of the self-signed certificate created by the operator. With this change, users no longer have to manually update the server certificate if the ingress certificate is signed by a custom CA(Certificate Authority). Users can change this behavior by configuring the .spec.server.route.tls field of the Argo CD CR. Here are additional details on how to configure TLS for the server route https://argocd-operator.readthedocs.io/en/latest/usage/routes/#setting-tls-modes-for-routes

Where should we include this in the docs? We can include it under "Installing an Argo CD instance". Point 5.b talks about enabling route and we could expand it further with the above text. 

https://docs.openshift.com/gitops/1.12/argocd_instance/setting-up-argocd-instance.html#gitops-argo-cd-installation_setting-up-argocd-instance