diff --git a/collectors/metrics/pkg/forwarder/forwarder_test.go b/collectors/metrics/pkg/forwarder/forwarder_test.go index 73f489d6f..2b224b6ff 100644 --- a/collectors/metrics/pkg/forwarder/forwarder_test.go +++ b/collectors/metrics/pkg/forwarder/forwarder_test.go @@ -18,6 +18,9 @@ import ( "github.com/prometheus/client_golang/prometheus" ) +// Base64 encoded CA cert string +var customCA = "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" + func init() { os.Setenv("UNIT_TEST", "true") } @@ -125,10 +128,23 @@ func TestNew(t *testing.T) { }, err: true, }, + { + // Providing CustomCA should not error. + c: Config{ + From: from, + ToUpload: toUpload, + ToUploadCA: customCA, + Logger: log.NewNopLogger(), + }, + err: false, + }, } for i := range tc { tc[i].c.Metrics = NewWorkerMetrics(prometheus.NewRegistry()) + if tc[i].c.ToUploadCA == customCA { + os.Setenv("HTTPS_PROXY_CA_BUNDLE", customCA) + } if _, err := New(tc[i].c); (err != nil) != tc[i].err { no := "no" if tc[i].err { diff --git a/collectors/metrics/pkg/metricsclient/metricsclient.go b/collectors/metrics/pkg/metricsclient/metricsclient.go index 24f1b76bc..1232f6a4f 100644 --- a/collectors/metrics/pkg/metricsclient/metricsclient.go +++ b/collectors/metrics/pkg/metricsclient/metricsclient.go @@ -9,6 +9,7 @@ import ( "context" "crypto/tls" "crypto/x509" + "encoding/base64" "encoding/json" "errors" "fmt" 
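Review bot: `os.Setenv("HTTPS_PROXY_CA_BUNDLE", customCA)` inside the TestNew loop is never undone, so the variable stays set for every test that runs later in the same process and can change which CAs the transport trusts there. `t.Setenv("HTTPS_PROXY_CA_BUNDLE", customCA)` restores the previous value when the test finishes. The new case also only asserts that New returns no error; as far as the visible MTLSTransport code shows, that would still hold for a bundle that decodes to bytes containing no certificate, so a negative case with an invalid bundle would pin the behaviour. TestNew starts and ends outside the hunk.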
@@ -373,18 +374,31 @@ func MTLSTransport(logger log.Logger, caCertFile, tlsCrtFile, tlsKeyFile string) tlsCrtFile = "../../testdata/tls/tls.crt" } // Load Server CA cert - caCert, err := os.ReadFile(filepath.Clean(caCertFile)) + var caCert []byte + var err error + + caCert, err = os.ReadFile(filepath.Clean(caCertFile)) if err != nil { return nil, fmt.Errorf("failed to load server ca cert file: %w", err) } + // Load client cert signed by Client CA cert, err := tls.LoadX509KeyPair(tlsCrtFile, tlsKeyFile) if err != nil { return nil, fmt.Errorf("failed to load client ca cert: %w", err) } - caCertPool := x509.NewCertPool() caCertPool.AppendCertsFromPEM(caCert) + + if os.Getenv("HTTPS_PROXY_CA_BUNDLE") != "" { + customCaCert, err := base64.StdEncoding.DecodeString(os.Getenv("HTTPS_PROXY_CA_BUNDLE")) + logger.Log(logger, logger.Log("msg", "caCert", "caCert", caCert)) + if err != nil { + return nil, fmt.Errorf("failed to decode server ca cert: %w", err) + } + caCertPool.AppendCertsFromPEM(customCaCert) + } + // Setup HTTPS client tlsConfig := &tls.Config{ Certificates: []tls.Certificate{cert}, diff --git a/collectors/metrics/testdata/tls/custom_ca.crt b/collectors/metrics/testdata/tls/custom_ca.crt new file mode 100644 index 000000000..0fe4aacfe --- /dev/null +++ b/collectors/metrics/testdata/tls/custom_ca.crt 
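Review bot: The added `logger.Log(logger, logger.Log("msg", "caCert", "caCert", caCert))` in the `HTTPS_PROXY_CA_BUNDLE` branch of MTLSTransport is malformed: it passes the logger itself and the inner call's return value as log arguments, prints the file-loaded `caCert` bytes rather than anything about the decoded bundle, and runs before `err` is checked. The return value of `caCertPool.AppendCertsFromPEM(customCaCert)` is also discarded, so a value that is valid base64 but contains no parseable certificate is accepted silently and only shows up later as a TLS verification failure. Because this bundle becomes a trust anchor for the upload connection, I would drop the log line (or log only that a custom bundle was loaded), read the variable once, and return an error when nothing was appended. MTLSTransport begins and ends outside this hunk.

```go
	// … unchanged: server CA file and client key pair loading …
	caCertPool.AppendCertsFromPEM(caCert)

	if bundle := os.Getenv("HTTPS_PROXY_CA_BUNDLE"); bundle != "" {
		customCaCert, err := base64.StdEncoding.DecodeString(bundle)
		if err != nil {
			return nil, fmt.Errorf("failed to decode HTTPS_PROXY_CA_BUNDLE: %w", err)
		}
		// Reject a bundle that adds no trust anchor instead of continuing without it.
		if !caCertPool.AppendCertsFromPEM(customCaCert) {
			return nil, errors.New("HTTPS_PROXY_CA_BUNDLE contains no valid PEM certificate")
		}
	}
	// … unchanged: tls.Config setup …
```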
@@ -0,0 +1,20 @@
+-----BEGIN CERTIFICATE-----
+MIIDWTCCAkGgAwIBAgIUY4GZ6OZNnNvrJ1c5I5F3Xg4+E1cwDQYJKoZIhvcNAQEL
+BQAwPDELMAkGA1UEBhMCREUxDzANBgNVBAgMBmJlcmxpbjEPMA0GA1UEBwwGYmVy
+bGluMQswCQYDVQQKDAJyaDAeFw0yMzEyMTExMzQzMDZaFw0zMzEyMDgxMzQzMDZa
+MDwxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIDAZiZXJsaW4xDzANBgNVBAcMBmJlcmxp
+bjELMAkGA1UECgwCcmgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCw
+k4HKWuA8Zm7BPGb/dBchkMPVaXl4w2eTxqDmx9XXheBDVokIJfAFLfzkv0aGt5ex
+Zkzt1sKPTy44F9rDJHH6ujD808SQOWJwXRBjB8NMsJ8SMTBRnJPNX52tjGP677PE
+5jH6w69oa0ompeoD96yC6E6fYOilYtqQyPWlOC34D7NsWSX1vsxrlwU0lArBmgPa
+neDE2t5qMZ+QyMpaB/4HXx/cKaNWarV7qsWvpHOf8cv9CJwW7VHVv2o5EQyR52G+
++Naq8m7nIPshRR20G24lGMlUAZN1Z2IzV3wPLTRfMMtXtkH0UJOzge4/hLRYRAK3
+NxYSLIbalqblkiTMlElJAgMBAAGjUzBRMB0GA1UdDgQWBBSITVUck6Zh6Y6dcdqg
+4TuXF31r1jAfBgNVHSMEGDAWgBSITVUck6Zh6Y6dcdqg4TuXF31r1jAPBgNVHRMB
+Af8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQCAJQaJ3ddaY/5S2tu4NsUysbTo
+cpk/v2fLiRKavkbfMdN0EvEz+h0wqj9JPtbcRnLwkeAgfCu3oosHn+9w8JAZF2Ms
+D3QnqZ/iSMV5GH7PN9H+Ht3YUA20YhwBF4DUWbnpKIg/jx5gfU1XdIc+biQbaty7
+lT/HU9XOFij3upmdEjH+AYIOd1HXx3wlfQa4qkuhGyC0YsdzWbuaqhMmvrdBK+H0
+QLOrp37yv8upPUe1xpO6SyH9B5DyxDZEc1szYZRUwMW6qssdXFoXftJ61fj7KNWj
+2jg0fD5dHEOTNl1COzwCYoGY9z5V8sac/lH87RLXYwAqwopGijs8ApBzITFo
+-----END CERTIFICATE-----
diff --git a/go.mod b/go.mod
index f08186338..e1b3ae121 100644
--- a/go.mod
+++ b/go.mod
@@ -35,7 +35,7 @@ require (
 github.com/stolostron/observatorium-operator v0.0.0-20230411203847-4514321263d1
 github.com/stretchr/testify v1.8.4
 github.com/thanos-io/thanos v0.30.0
- go.uber.org/zap v1.24.0
+ go.uber.org/zap v1.26.0
 golang.org/x/exp v0.0.0-20221212164502-fae10dda9338
 gopkg.in/yaml.v2 v2.4.0
 k8s.io/api v0.28.2
@@ -44,8 +44,8 @@ require (
 k8s.io/client-go v12.0.0+incompatible
 k8s.io/klog v1.0.0
 k8s.io/kubectl v0.27.2
- open-cluster-management.io/addon-framework v0.8.0
- open-cluster-management.io/api v0.12.0
+ open-cluster-management.io/addon-framework v0.8.1-0.20231128122622-3bfdbffb237c
+ open-cluster-management.io/api v0.12.1-0.20231130134655-97a8a92a7f30
 sigs.k8s.io/controller-runtime v0.15.1
 sigs.k8s.io/kube-storage-version-migrator v0.0.4
 sigs.k8s.io/kustomize/api v0.13.4
@@ -141,15 +141,15 @@ require (
 go.starlark.net v0.0.0-20200306205701-8dd3e2ee1dd5 // indirect
 go.uber.org/atomic v1.10.0 // indirect
 go.uber.org/goleak v1.2.0 // indirect
- go.uber.org/multierr v1.8.0 // indirect
+ go.uber.org/multierr v1.11.0 // indirect
 golang.org/x/crypto v0.14.0 // indirect
 golang.org/x/mod v0.10.0 // indirect
- golang.org/x/net v0.13.0 // indirect
+ golang.org/x/net v0.17.0 // indirect
 golang.org/x/oauth2 v0.10.0 // indirect
- golang.org/x/sync v0.3.0 // indirect
- golang.org/x/sys v0.13.0 // indirect
- golang.org/x/term v0.13.0 // indirect
- golang.org/x/text v0.13.0 // indirect
+ golang.org/x/sync v0.5.0 // indirect
+ golang.org/x/sys v0.15.0 // indirect
+ golang.org/x/term v0.15.0 // indirect
+ golang.org/x/text v0.14.0 // indirect
 golang.org/x/time v0.3.0 // indirect
 golang.org/x/tools v0.9.3 // indirect
 gomodules.xyz/jsonpatch/v2 v2.3.0 // indirect
diff --git a/go.sum b/go.sum
index 122ea301b..560a13a4d 100644
--- a/go.sum
+++ b/go.sum
@@ -443,7 +443,6 @@ github.com/baidubce/bce-sdk-go v0.9.81/go.mod h1:zbYJMQwE4IZuyrJiFO8tO8NbtYiKTFT github.com/baiyubin/aliyun-sts-go-sdk v0.0.0-20180326062324-cfa1a18b161f/go.mod h1:AuiFmCCPBSrqvVMvuqFuk0qogytodnVFVSN5CeJB8Gc= github.com/beevik/ntp v0.2.0/go.mod h1:hIHWr+l3+/clUnF44zdK+CWW7fO8dR5cIylAQ76NRpg= github.com/benbjohnson/clock v1.1.0/go.mod h1:J11/hYXuz8f4ySSvYwY0FKfm+ezbsZBKZxNJlLklBHA= -github.com/benbjohnson/clock v1.3.0 h1:ip6w0uFQkncKQ979AypyG0ER7mqUSBdKLOgAle/AT8A= github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8= github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM= @@ -2031,8 +2030,8 @@ go.uber.org/multierr v1.4.0/go.mod h1:VgVr7evmIr6uPjLBxg28wmKNXyqE9akIJ5XnfpiKl+ go.uber.org/multierr v1.5.0/go.mod h1:FeouvMocqHpRaaGuG9EjoKcStLC43Zu/fmqdUMPcKYU= go.uber.org/multierr v1.6.0/go.mod h1:cdWPpRnG4AhwMwsgIHip0KRBQjJy5kYEpYjJxpXp9iU= go.uber.org/multierr v1.7.0/go.mod h1:7EAYxJLBy9rStEaz58O2t4Uvip6FSURkq8/ppBp95ak= -go.uber.org/multierr v1.8.0 h1:dg6GjLku4EH+249NNmoIciG9N/jURbDG+pFlTkhzIC8= -go.uber.org/multierr v1.8.0/go.mod h1:7EAYxJLBy9rStEaz58O2t4Uvip6FSURkq8/ppBp95ak= +go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0= +go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y= go.uber.org/tools v0.0.0-20190618225709-2cfd321de3ee/go.mod h1:vJERXedbb3MVM5f9Ejo0C68/HhF8uaILCdgjnY+goOA= go.uber.org/zap v1.9.1/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q= go.uber.org/zap v1.10.0/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q= 
@@ -2042,8 +2041,9 @@ go.uber.org/zap v1.16.0/go.mod h1:MA8QOfq0BHJwdXa996Y4dYkAqRKB8/1K1QMMZVaNZjQ= go.uber.org/zap v1.17.0/go.mod h1:MXVU+bhUf/A7Xi2HNOnopQOrmycQ5Ih87HtOu4q5SSo= go.uber.org/zap v1.19.0/go.mod h1:xg/QME4nWcxGxrpdeYfq7UvYrLh66cuVKdrbD1XF/NI= go.uber.org/zap v1.19.1/go.mod h1:j3DNczoxDZroyBnOT1L/Q79cfUMGZxlv/9dzN7SM1rI= -go.uber.org/zap v1.24.0 h1:FiJd5l1UOLj0wCgbSE0rwwXHzEdAZS6hiiSnxJN/D60= go.uber.org/zap v1.24.0/go.mod h1:2kMP+WWQ8aoFoedH3T2sq6iJ2yDWpHbP0f6MQbS9Gkg= +go.uber.org/zap v1.26.0 h1:sI7k6L95XOKS281NhVKOFCUNIvv9e0w4BF8N3u+tCRo= +go.uber.org/zap v1.26.0/go.mod h1:dtElttAiwGvoJ/vj4IwHBS/gXsEu/pZ50mUIRWuG0so= golang.org/x/crypto v0.0.0-20180608092829-8ac0e0d97ce4/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20181029021203-45a5f77698d3/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= 
@@ -2202,8 +2202,8 @@ golang.org/x/sync v0.0.0-20220601150217-0de741cfad7f/go.mod h1:RxMgew5VJxzue5/jJ golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20220929204114-8fcdb60fdcc0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.3.0 h1:ftCYgMx6zT/asHUrPw8BLLscYtGznsLAnjq5RH9P66E= -golang.org/x/sync v0.3.0/go.mod h1:FU7BRWz2tNW+3quACPkgCx/L+uEAv1htQ0V83Z9Rj+Y= +golang.org/x/sync v0.5.0 h1:60k92dhOjHxJkrqnwsfl8KuaHbn/5dl0lUPUklKo3qE= +golang.org/x/sync v0.5.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= golang.org/x/sys v0.0.0-20180823144017-11551d06cbcc/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= 
@@ -2351,8 +2351,9 @@ golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.7.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.10.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.13.0 h1:Af8nKPmuFypiUBjVoU9V20FiaFXOcuZI21p0ycVYYGE= golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.15.0 h1:h48lPFYpsTvQJZF4EKyI4aLHaev3CxivZmv7yZig9pc= +golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210615171337-6886f2dfbf5b/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= @@ -2360,8 +2361,9 @@ golang.org/x/term v0.1.0/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.3.0/go.mod h1:q750SLmJuPmVoN1blW3UFBPREJfb1KmY3vwxfr+nFDA= golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k= golang.org/x/term v0.10.0/go.mod h1:lpqdcUyK/oCiQxvxVrppt5ggO2KCZ5QblwqPnfZ6d5o= -golang.org/x/term v0.13.0 h1:bb+I9cTfFazGW51MZqBVmZy7+JEJMouUHTUSKVQLBek= golang.org/x/term v0.13.0/go.mod h1:LTmsnFJwVN6bCy1rVCoS+qHT1HhALEFxKncY3WNNh4U= +golang.org/x/term v0.15.0 h1:y/Oo/a/q3IXu26lQgl04j/gjuBDOBlx7X6Om1j2CPW4= +golang.org/x/term v0.15.0/go.mod h1:BDl952bC7+uMoWR75FIrCDx79TPU9oHkTZ9yRbYOrX0= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= 
@@ -2379,8 +2381,9 @@ golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/text v0.8.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= golang.org/x/text v0.11.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= -golang.org/x/text v0.13.0 h1:ablQoSUd0tRdKxZewP80B+BaqeKJuVhuRxj/dkrun3k= golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= +golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ= +golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= golang.org/x/time v0.0.0-20180412165947-fbb02b2291d2/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= 
@@ -2883,10 +2886,10 @@ k8s.io/utils v0.0.0-20221107191617-1a15be271d1d/go.mod h1:OLgZIPagt7ERELqWJFomSt k8s.io/utils v0.0.0-20230406110748-d93618cff8a2/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= k8s.io/utils v0.0.0-20230505201702-9f6742963106 h1:EObNQ3TW2D+WptiYXlApGNLVy0zm/JIBVY9i+M4wpAU= k8s.io/utils v0.0.0-20230505201702-9f6742963106/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= -open-cluster-management.io/addon-framework v0.8.0 h1:i1OReMHuZIoAw2Q04SLjkieU25DnxYilzVZzBNyROwU= -open-cluster-management.io/addon-framework v0.8.0/go.mod h1:20DP06VXhJ9RE1PetAMEQyeFCP7+nhs92pCAkqbWUOg= -open-cluster-management.io/api v0.12.0 h1:sNkj4k2XyWA/GLsTiFg82bLIZ7JDZKkLLLyZjJUlJMs= -open-cluster-management.io/api v0.12.0/go.mod h1:/CZhelEH+30/pX7vXGSZOzLMX0zvjthYOkT/5ZTzVTQ= +open-cluster-management.io/addon-framework v0.8.1-0.20231128122622-3bfdbffb237c h1:s/xo9ggmrc0z4qdHdZU3q0E6vuyfu9JA0X8IQ17p1aQ= +open-cluster-management.io/addon-framework v0.8.1-0.20231128122622-3bfdbffb237c/go.mod h1:aj97pgpGJ0/LpQzBVtU2oDFqqIiZLOPnsjLKG/sVkFw= +open-cluster-management.io/api v0.12.1-0.20231130134655-97a8a92a7f30 h1:qzkatL1pCsMvA2KkuJ0ywWUqJ0ZI13ouMRVuAPTrhWk= +open-cluster-management.io/api v0.12.1-0.20231130134655-97a8a92a7f30/go.mod h1:fnoEBW9pbikOWOzF4zuT9DQAgWbY3PpPT/MSDZ/4bxw= rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8= rsc.io/pdf v0.1.1/go.mod h1:n8OzWcQ6Sp37PL01nO98y4iUCRdTGarVfzxY20ICaU4= rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0= diff --git a/operators/endpointmetrics/controllers/observabilityendpoint/metrics_collector.go b/operators/endpointmetrics/controllers/observabilityendpoint/metrics_collector.go index 5fffc1905..089f27d49 100644 --- a/operators/endpointmetrics/controllers/observabilityendpoint/metrics_collector.go +++ b/operators/endpointmetrics/controllers/observabilityendpoint/metrics_collector.go 
@@ -66,6 +66,7 @@ type CollectorParams struct { httpProxy string httpsProxy string noProxy string + CABundle string replicaCount int32 } @@ -305,6 +306,13 @@ func createDeployment(params CollectorParams) *appsv1.Deployment { Value: params.noProxy, }) } + if params.httpsProxy != "" && params.CABundle != "" { + metricsCollectorDep.Spec.Template.Spec.Containers[0].Env = append(metricsCollectorDep.Spec.Template.Spec.Containers[0].Env, + corev1.EnvVar{ + Name: "HTTPS_PROXY_CA_BUNDLE", + Value: params.CABundle, + }) + } if params.obsAddonSpec.Resources != nil { metricsCollectorDep.Spec.Template.Spec.Containers[0].Resources = *params.obsAddonSpec.Resources @@ -343,6 +351,8 @@ func updateMetricsCollectors(ctx context.Context, c client.Client, obsAddonSpec params.httpsProxy = env.Value } else if env.Name == "NO_PROXY" { params.noProxy = env.Value + } else if env.Name == "HTTPS_PROXY_CA_BUNDLE" { + params.CABundle = env.Value } } } diff --git a/operators/endpointmetrics/controllers/observabilityendpoint/metrics_collector_test.go b/operators/endpointmetrics/controllers/observabilityendpoint/metrics_collector_test.go index 8fa8d98b6..8ee00862e 100644 --- a/operators/endpointmetrics/controllers/observabilityendpoint/metrics_collector_test.go +++ b/operators/endpointmetrics/controllers/observabilityendpoint/metrics_collector_test.go @@ -115,6 +115,7 @@ func checkAnnotationsAndProxySettings( foundHTTPProxy := false foundHTTPSProxy := false foundNOProxy := false + foundCABundle := false for _, e := range env { if e.Name == "HTTP_PROXY" { foundHTTPProxy = true @@ -131,6 +132,11 @@ func checkAnnotationsAndProxySettings( if e.Value != "bar.com" { t.Fatalf("NO_PROXY is not set correctly: expected %s, got %s", "bar.com", e.Value) } + } else if e.Name == "HTTPS_PROXY_CA_BUNDLE" { + foundCABundle = true + if e.Value != "custom-ca.crt" { + t.Fatalf("HTTPS_PROXY_CA_BUNDLE is not set correctly: expected %s, got %s", "custom-ca.crt", e.Value) + } } } if !foundHTTPProxy { 
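Review bot: `CABundle` is the only exported field added to `CollectorParams`, next to `httpProxy`, `httpsProxy` and `noProxy`; unless another package needs it, `caBundle string` keeps the struct consistent, with the same rename in the createDeployment and updateMetricsCollectors hunks. The field also deserves a comment stating the contract the collector relies on, for example `// caBundle is the base64-encoded PEM bundle handed to the collector as HTTPS_PROXY_CA_BUNDLE.` The fixture in metrics_collector_test.go uses `"custom-ca.crt"`, which reads like a file name rather than an encoded bundle, so the expected format is easy to get wrong without that comment.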
@@ -142,6 +148,9 @@ func checkAnnotationsAndProxySettings( if !foundNOProxy { t.Fatalf("NO_PROXY is not present in env") } + if !foundCABundle { + t.Fatalf("HTTPS_PROXY_CA_BUNDLE is not present in env") + } } func TestMetricsCollector(t *testing.T) { @@ -174,6 +183,7 @@ func TestMetricsCollector(t *testing.T) { httpProxy: "http://foo.com", httpsProxy: "https://foo.com", noProxy: "bar.com", + CABundle: "custom-ca.crt", } _, err = updateMetricsCollector(ctx, c, params, false) diff --git a/operators/multiclusterobservability/controllers/placementrule/manifestwork.go b/operators/multiclusterobservability/controllers/placementrule/manifestwork.go index c85289f27..908a399db 100644 --- a/operators/multiclusterobservability/controllers/placementrule/manifestwork.go +++ b/operators/multiclusterobservability/controllers/placementrule/manifestwork.go @@ -6,6 +6,7 @@ package placementrule import ( "context" + "encoding/base64" "encoding/json" "errors" "fmt" @@ -314,6 +315,7 @@ func createManifestWorks( spec.NodeSelector = map[string]string{} spec.Tolerations = []corev1.Toleration{} } + CustomCABundle := false for i, container := range spec.Containers { if container.Name == "endpoint-observability-operator" { for j, env := range container.Env { @@ -340,6 +342,14 @@ func createManifestWorks( Name: "HTTPS_PROXY", Value: addonConfig.Spec.ProxyConfig.HTTPSProxy, }) + //CA is allowed only when HTTPS proxy is set + if addonConfig.Spec.ProxyConfig.CABundle != nil { + CustomCABundle = true + container.Env = append(container.Env, corev1.EnvVar{ + Name: "HTTPS_PROXY_CA_BUNDLE", + Value: base64.StdEncoding.EncodeToString(addonConfig.Spec.ProxyConfig.CABundle), + }) + } } if addonConfig.Spec.ProxyConfig.NoProxy != "" { container.Env = append(container.Env, corev1.EnvVar{ 
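Review bot: In the manifestwork.go hunks, the guard `addonConfig.Spec.ProxyConfig.CABundle != nil` also accepts an empty, non-nil slice, which would set `CustomCABundle` and publish an empty `HTTPS_PROXY_CA_BUNDLE` value; `if len(addonConfig.Spec.ProxyConfig.CABundle) > 0 {` expresses the intent. The local `CustomCABundle` is capitalised like an exported identifier, and `customCABundle` matches Go naming for locals; the comment would read `// CA is allowed only when HTTPS proxy is set` with a space after the slashes. That comment relies on the enclosing HTTPS-proxy condition, which is only partly visible in this hunk.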
@@ -360,6 +370,19 @@ func createManifestWorks( } } } + if CustomCABundle { + for i, manifest := range manifests { + if manifest.RawExtension.Object.GetObjectKind().GroupVersionKind().Kind == "Secret" { + secret := manifest.RawExtension.Object.DeepCopyObject().(*corev1.Secret) + if secret.Name == managedClusterObsCertName { + secret.Data["customCa.crt"] = addonConfig.Spec.ProxyConfig.CABundle + manifests[i].RawExtension.Object = secret + break + } + } + } + } + log.Info(fmt.Sprintf("Cluster: %+v, Spec.NodeSelector (after): %+v", clusterName, spec.NodeSelector)) log.Info(fmt.Sprintf("Cluster: %+v, Spec.Tolerations (after): %+v", clusterName, spec.Tolerations)) dep.Spec.Template.Spec = spec diff --git a/operators/multiclusterobservability/controllers/placementrule/manifestwork_test.go b/operators/multiclusterobservability/controllers/placementrule/manifestwork_test.go index a6ecae52f..9a47f0cd9 100644 --- a/operators/multiclusterobservability/controllers/placementrule/manifestwork_test.go +++ b/operators/multiclusterobservability/controllers/placementrule/manifestwork_test.go @@ -334,6 +334,7 @@ func TestManifestWork(t *testing.T) { HTTPProxy: "http://foo.com", HTTPSProxy: "https://foo.com", NoProxy: "bar.com", + CABundle: []byte{0x01, 0x02, 0x03, 0xAB, 0xCD, 0xEF}, }, }, } @@ -361,6 +362,7 @@ func TestManifestWork(t *testing.T) { foundHTTPProxy := false foundHTTPSProxy := false foundNOProxy := false + foundCABundle := false for _, e := range env { if e.Name == "HTTP_PROXY" { foundHTTPProxy = true @@ -377,6 +379,11 @@ func TestManifestWork(t *testing.T) { if e.Value != "bar.com" { t.Fatalf("NO_PROXY is not set correctly: expected %s, got %s", "bar.com", e.Value) } + } else if e.Name == "HTTPS_PROXY_CA_BUNDLE" { + foundCABundle = true + if e.Value != base64.StdEncoding.EncodeToString([]byte{0x01, 0x02, 0x03, 0xAB, 0xCD, 0xEF}) { + t.Fatalf("HTTPS_PROXY_CA_BUNDLE is not set correctly") + } } } if !foundHTTPProxy { 
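Review bot: The new `if CustomCABundle` loop in createManifestWorks can panic in three places: `manifest.RawExtension.Object.GetObjectKind()` when a manifest carries no typed object, the unchecked assertion `.(*corev1.Secret)`, and `secret.Data["customCa.crt"] = ...` when the secret's `Data` map is nil. Whether any of these can occur for the manifests built earlier is not visible from the hunk, but a comma-ok assertion and a nil-map guard remove the dependency on that. The function starts and ends outside the hunk.

```go
	if CustomCABundle {
		for i, manifest := range manifests {
			// Comma-ok also covers a nil Object and non-Secret kinds.
			secret, ok := manifest.RawExtension.Object.(*corev1.Secret)
			if !ok || secret.Name != managedClusterObsCertName {
				continue
			}
			secret = secret.DeepCopy()
			if secret.Data == nil {
				secret.Data = map[string][]byte{}
			}
			secret.Data["customCa.crt"] = addonConfig.Spec.ProxyConfig.CABundle
			manifests[i].RawExtension.Object = secret
			break
		}
	}
	// … unchanged: NodeSelector / Tolerations logging …
```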
@@ -388,6 +395,9 @@ func TestManifestWork(t *testing.T) { if !foundNOProxy { t.Fatalf("NO_PROXY is not present in env") } + if !foundCABundle { + t.Fatalf("HTTPS_PROXY_CA_BUNDLE is not present in env") + } } }