diff --git a/edge/install.ps1 b/edge/install.ps1
index ccc8c76..6ebfe18 100644
--- a/edge/install.ps1
+++ b/edge/install.ps1
@@ -36,6 +36,7 @@ $ConfigDir = "C:\Program Files\Observo"
 $ZipFile = "$TmpDir\edge.zip"
 $ExtractDir = "$ConfigDir\binaries_edge"
 $ConfigFile = "$ConfigDir\edge-config.json"
+$CAFile = "$ConfigDir\certs\ca.crt"
 $BaseUrl = "https://github.com/open-telemetry/opentelemetry-collector-releases/releases/download"
 $PackageName = "otelcol-contrib"
 $DefaultDownloadUrl = "https://example.com"
@@ -115,6 +116,15 @@ function Parse-EnvironmentVariable {
 return $false
 }
+ # Parse caCertificate parameter
+ if ($EnvVar -match "caCertificate=([A-Za-z0-9+/=]+)") {
+ $script:CaCert = $matches[1]
+ Write-Host "Extracted caCertificate (base64): $CaCert"
+ } else {
+ Write-Host "Warning: caCertificate not found in argument"
+ $script:CaCert = ""
+ }
+
 return $true
 }
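Review bot: The `caCertificate=([A-Za-z0-9+/=]+)` match added to Parse-EnvironmentVariable is not tied to a parameter boundary, so it also fires inside a longer key name and stops silently at the first character outside the standard base64 alphabet, passing a truncated value on to the decoder. This value appears to become the agent's gateway trust anchor, so the match should require a delimiter or end of string on both sides; the delimiter of the argument format is not visible in this hunk, so the exact pattern has to come from the part of the function outside it. The `Write-Host "Extracted caCertificate (base64): $CaCert"` line prints the whole blob to the console, where a length is enough for a log, e.g. `Write-Host "Extracted caCertificate ($($CaCert.Length) base64 chars)"`. Both points apply equally to the `caCertificate=` hunk in edge/install.sh.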
@@ -188,6 +198,37 @@ function Decode-AndExtractConfig {
 }
 }
+# Function to setup CA certificate
+function Setup-CaCertificate {
+ if ([string]::IsNullOrEmpty($CaCert)) {
+ Write-Host "No CA certificate provided, skipping certificate setup"
+ return
+ }
+
+ Write-Host "Setting up CA certificate..."
+
+ # Create certificate directory if it doesn't exist
+ $CertDir = Split-Path -Path $CAFile -Parent
+ if (-not (Test-Path -Path $CertDir)) {
+ Write-Host "Creating certificate directory: $CertDir"
+ New-Item -ItemType Directory -Path $CertDir -Force | Out-Null
+ }
+
+ try {
+ # Decode the base64 certificate and save it
+ Write-Host "Decoding and saving CA certificate to $CAFile"
+ $bytes = [Convert]::FromBase64String($CaCert)
+ $certContent = [System.Text.Encoding]::UTF8.GetString($bytes)
+
+ [System.IO.File]::WriteAllText($CAFile, $certContent, [System.Text.Encoding]::UTF8)
+
+ Write-Host "CA certificate successfully saved to $CAFile"
+ } catch {
+ Write-Host "Error: Failed to decode and save CA certificate: $_" -ForegroundColor Red
+ return
+ }
+}
+
 # Function to download and extract the agent
 function Download-AndExtractAgent {
 param (
@@ -546,6 +587,7 @@ function Install-AsScheduledTask {
 set OTEL_LOG_FILE_PATH=$EdgeCollectorLogFile
 set OTEL_EXECUTABLE_PATH=$OtelExecutablePath
 set AGENT_ID=$MachineGuid
+set GATEWAY_CA_PATH=$CAFile
 echo Starting Observo Edge Agent at %DATE% %TIME% > "$StdoutLogFile"
 "$EdgeExe" -config "$ConfigFile" >> "$StdoutLogFile" 2>&1
 "@
@@ -643,6 +685,9 @@ Detect-System
 # Decode and extract configuration
 Decode-AndExtractConfig
+# Setup CA certificate if provided
+Setup-CaCertificate
+
 # Download and extract the agent
 Download-AndExtractAgent
diff --git a/edge/install.sh b/edge/install.sh
index 11d555e..23445d8 100644
--- a/edge/install.sh
+++ b/edge/install.sh
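Review bot: In Setup-CaCertificate, `[System.IO.File]::WriteAllText($CAFile, $certContent, [System.Text.Encoding]::UTF8)` puts a UTF-8 byte-order mark in front of the certificate, and some PEM parsers do not find the `-----BEGIN` header behind it. Writing the decoded bytes unchanged avoids both the BOM and the UTF-8 round trip: `[System.IO.File]::WriteAllBytes($CAFile, $bytes)`. The catch block only prints and returns, so a bad value leaves the install running without the file that was asked for; replacing its `return` with `throw` makes the failure stop the run. Nothing checks that the decoded bytes are a certificate before they are stored as a CA, so parsing `$bytes` as X.509 and logging the subject and thumbprint ahead of the write would be a useful guard.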
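Review bot: `set GATEWAY_CA_PATH=$CAFile` goes into the wrapper script whether or not a certificate was written in this run. When caCertificate is absent or Setup-CaCertificate fails, the variable names a file that is either missing or left over from an earlier install, and in the second case the agent would presumably keep trusting the old CA. Build the line conditionally before the here-string, e.g. `$CaEnvLine = if ($CaCert) { "set GATEWAY_CA_PATH=$CAFile" } else { "" }`, and interpolate `$CaEnvLine` in its place. The body of Install-AsScheduledTask starts and ends outside this hunk.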
@@ -119,6 +119,18 @@ parse_environment_variable() {
 return 1 # Failure
 fi
+ # Parse caCertificate parameter
+ if [[ "$env_var" =~ caCertificate=([A-Za-z0-9+/=]+) ]]; then
+ CA_CERT="${BASH_REMATCH[1]}" # Extract the base64-encoded CA certificate
+ echo "Extracted caCertificate (base64): $CA_CERT"
+
+ export CA_CERT # Make it available to other functions
+ else
+ echo "Warning: caCertificate not found in argument"
+ CA_CERT=""
+ export CA_CERT
+ fi
+
 return 0 # Success
 }
@@ -199,6 +211,35 @@ decode_and_extract_config() {
 export AGENT_ID
 }
+setup_ca_certificate() {
+ if [[ -z "$CA_CERT" ]]; then
+ echo "No CA certificate provided, skipping certificate setup"
+ return 0
+ fi
+
+ echo "Setting up CA certificate..."
+
+ # Create /etc/certs directory if it doesn't exist
+ if [[ ! -d "/etc/certs" ]]; then
+ echo "Creating /etc/certs directory..."
+ sudo mkdir -p /etc/certs
+ sudo chmod 755 /etc/certs
+ fi
+
+ # Decode the base64 certificate and save it
+ echo "Decoding and saving CA certificate to /etc/certs/ca.crt"
+ echo "$CA_CERT" | base64 --decode | sudo tee /etc/certs/ca.crt > /dev/null
+
+ if [[ $? -eq 0 ]]; then
+ echo "CA certificate successfully saved to /etc/certs/ca.crt"
+ sudo chmod 644 /etc/certs/ca.crt
+ sudo chown root:root /etc/certs/ca.crt
+ else
+ echo "Error: Failed to decode and save CA certificate"
+ return 1
+ fi
+}
+
 download_and_extract_agent() {
 PACKAGE="${PACKAGE_NAME}_${VERSION}_${OS}_${ARCH}.tar.gz"
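Review bot: In setup_ca_certificate the `$?` test after `echo "$CA_CERT" | base64 --decode | sudo tee /etc/certs/ca.crt > /dev/null` sees only the exit status of `tee` unless `pipefail` is set elsewhere in the script, so a base64 error still prints the success message and leaves an empty or partial /etc/certs/ca.crt in place. Decode into a variable first, check that step, confirm the result parses as a certificate, and only then write the file. The sketch assumes the payload is PEM text, which is what the UTF-8 handling in install.ps1 suggests. /etc/certs/ca.crt is also a generic path that other software may already own, so a product-specific directory would avoid overwriting an unrelated CA file.

```shell
    # … unchanged: empty-CA_CERT guard and /etc/certs creation …

    # Decode on its own so a base64 failure is not hidden behind tee's exit status
    local decoded
    if ! decoded="$(printf '%s' "$CA_CERT" | base64 --decode)"; then
        echo "Error: caCertificate is not valid base64"
        return 1
    fi

    # Refuse to install anything that does not parse as a certificate
    if ! printf '%s\n' "$decoded" | openssl x509 -noout 2>/dev/null; then
        echo "Error: caCertificate does not decode to a PEM certificate"
        return 1
    fi

    echo "Decoding and saving CA certificate to /etc/certs/ca.crt"
    if ! printf '%s\n' "$decoded" | sudo tee /etc/certs/ca.crt > /dev/null; then
        echo "Error: Failed to decode and save CA certificate"
        return 1
    fi
    # … unchanged: success message, chmod 644, chown root:root …
```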
@@ -393,16 +434,19 @@ detect_system
 # store the config at $CONFIG_FILE location
 decode_and_extract_config
-#7. construct the download url required for the system and download the tar
+#7. setup CA certificate if provided
+setup_ca_certificate
+
+#8. construct the download url required for the system and download the tar
 # extract binary at $TMP_DIR
 download_and_extract_agent
-#8. move the binary to $INSTALL_DIR and give execution permissions
+#9. move the binary to $INSTALL_DIR and give execution permissions
 move_to_bin_and_make_executable
-#9. Start server
+#10. Start server
 start_server
-#10 create systemd service
+#11. create systemd service
 create_systemd_service
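Review bot: The new `setup_ca_certificate` call at step 7 discards the function's status, so its `return 1` path does not stop the install unless the script runs under `set -e`, which is not visible here. If a supplied CA that cannot be installed should abort the run rather than leave the agent without it, make that explicit with `setup_ca_certificate || exit 1`. The bare `Setup-CaCertificate` call added to edge/install.ps1 has the same gap.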