I am working on my ovathetap project where I am continuing to refine my single node TAP environment, and wanted to update my installation flow to use a issuer based on the private certificate authority (CA) I have setup in my lab environment.
If you are interested, you can view the script I use to setup my private CA here
Fortunately, the documentation about how to setup issuers for TAP environments is great - but I did do some customization beyond the standard method.