diff --git a/bitnami/harbor/CHANGELOG.md b/bitnami/harbor/CHANGELOG.md
index cd84fef1fa..8282147b61 100644
--- a/bitnami/harbor/CHANGELOG.md
+++ b/bitnami/harbor/CHANGELOG.md
@@ -1,8 +1,12 @@
 # Changelog
 
-## 22.0.11 (2024-08-08)
+## 22.0.12 (2024-08-08)
 
-* [bitnami/harbor] Release 22.0.11 ([#28773](https://github.com/bitnami/charts/pull/28773))
+* [bitnami/harbor] fix: core-secret-envvars.yaml now handles variables individually ([#28474](https://github.com/bitnami/charts/pull/28474))
+
+## <small>22.0.11 (2024-08-08)</small>
+
+* [bitnami/harbor] Release 22.0.11 (#28773) ([f0e8c01](https://github.com/bitnami/charts/commit/f0e8c019d74a51a4f5af64c9f6db549c2be23d0e)), closes [#28773](https://github.com/bitnami/charts/issues/28773)
 
 ## <small>22.0.10 (2024-07-30)</small>
 
diff --git a/bitnami/harbor/Chart.yaml b/bitnami/harbor/Chart.yaml
index e4ca7a8f70..90d1e025c0 100644
--- a/bitnami/harbor/Chart.yaml
+++ b/bitnami/harbor/Chart.yaml
@@ -55,4 +55,5 @@ maintainers:
 name: harbor
 sources:
 - https://github.com/bitnami/charts/tree/main/bitnami/harbor
-version: 22.0.11
+
+version: 22.0.12
diff --git a/bitnami/harbor/templates/_helpers.tpl b/bitnami/harbor/templates/_helpers.tpl
index e80a225cdf..d4c868794a 100644
--- a/bitnami/harbor/templates/_helpers.tpl
+++ b/bitnami/harbor/templates/_helpers.tpl
@@ -143,10 +143,6 @@ We truncate at 63 chars because some Kubernetes name fields are limited to this
 {{- end -}}
 {{- end -}}
 
-{{- define "harbor.database.encryptedPassword" -}}
-  {{- include "harbor.database.rawPassword" . | b64enc | quote -}}
-{{- end -}}
-
 {{- define "harbor.database.coreDatabase" -}}
 {{- ternary "registry" .Values.externalDatabase.coreDatabase .Values.postgresql.enabled -}}
 {{- end -}}
diff --git a/bitnami/harbor/templates/core/core-secret-envvars.yaml b/bitnami/harbor/templates/core/core-secret-envvars.yaml
index f1baa7c20b..95f1200b71 100644
--- a/bitnami/harbor/templates/core/core-secret-envvars.yaml
+++ b/bitnami/harbor/templates/core/core-secret-envvars.yaml
@@ -3,7 +3,7 @@ Copyright Broadcom, Inc. All Rights Reserved.
 SPDX-License-Identifier: APACHE-2.0
 */}}
 
-{{- if not .Values.core.existingEnvVarsSecret }}
+{{- $existingEnvVarsSecret := .Values.existingEnvVarsSecret | default dict -}}
 apiVersion: v1
 kind: Secret
 metadata:
@@ -18,11 +18,10 @@ metadata:
   {{- end }}
 type: Opaque
 data:
-  _REDIS_URL_CORE: {{ include "harbor.redisForCore" . | b64enc | quote }}
-  _REDIS_URL_REG: {{ include "harbor.redisForGC" . | b64enc | quote }}
-  REGISTRY_CREDENTIAL_USERNAME: {{ .Values.registry.credentials.username | b64enc | quote }}
-  REGISTRY_CREDENTIAL_PASSWORD: {{ .Values.registry.credentials.password | b64enc | quote }}
-  CSRF_KEY: {{ include "common.secrets.passwords.manage" (dict "secret" (printf "%s-envvars" (include "harbor.core" .)) "key" "CSRF_KEY" "length" 32 "providedValues" (list "core.csrfKey") "context" $) }}
-  HARBOR_ADMIN_PASSWORD: {{ include "common.secrets.passwords.manage" (dict "secret" (printf "%s-envvars" (include "harbor.core" .)) "key" "HARBOR_ADMIN_PASSWORD" "length" 10 "providedValues" (list "adminPassword") "context" $) }}
-  POSTGRESQL_PASSWORD: {{ template "harbor.database.encryptedPassword" . }}
-{{- end }}
+  _REDIS_URL_CORE: {{ $existingEnvVarsSecret._REDIS_URL_CORE | default (include "harbor.redisForCore" .) | b64enc | quote }}
+  _REDIS_URL_REG: {{ $existingEnvVarsSecret._REDIS_URL_REG | default (include "harbor.redisForGC" .) | b64enc | quote }}
+  REGISTRY_CREDENTIAL_USERNAME: {{ $existingEnvVarsSecret.REGISTRY_CREDENTIAL_USERNAME | default .Values.registry.credentials.username | b64enc | quote }}
+  REGISTRY_CREDENTIAL_PASSWORD: {{ $existingEnvVarsSecret.REGISTRY_CREDENTIAL_PASSWORD | default .Values.registry.credentials.password | b64enc | quote }}
+  CSRF_KEY: {{ $existingEnvVarsSecret.CSRF_KEY | default (include "common.secrets.passwords.manage" (dict "secret" (printf "%s-envvars" (include "harbor.core" .)) "key" "CSRF_KEY" "length" 32 "providedValues" (list "core.csrfKey") "context" $)) }}
+  HARBOR_ADMIN_PASSWORD: {{ $existingEnvVarsSecret.HARBOR_ADMIN_PASSWORD | default (include "common.secrets.passwords.manage" (dict "secret" (printf "%s-envvars" (include "harbor.core" .)) "key" "HARBOR_ADMIN_PASSWORD" "length" 22 "providedValues" (list "adminPassword") "context" $)) }}
+  POSTGRESQL_PASSWORD: {{ $existingEnvVarsSecret.POSTGRESQL_PASSWORD | default (include "harbor.database.rawPassword" .) | b64enc | quote }}
diff --git a/bitnami/harbor/values.yaml b/bitnami/harbor/values.yaml
index 1921b6802e..6e40648bea 100644
--- a/bitnami/harbor/values.yaml
+++ b/bitnami/harbor/values.yaml
@@ -1471,13 +1471,13 @@ core:
   existingSecret: ""
   ## @param core.existingEnvVarsSecret Existing secret for core envvars
   ## The secret must contain the keys:
-  ## `CSRF_KEY` (required),
-  ## `HARBOR_ADMIN_PASSWORD` (required),
-  ## `POSTGRESQL_PASSWORD` (required),
-  ## `REGISTRY_CREDENTIAL_USERNAME` (required),
-  ## `REGISTRY_CREDENTIAL_PASSWORD` (required),
-  ## `_REDIS_URL_CORE` (optional),
-  ## `_REDIS_URL_REG` (optional),
+  ## `CSRF_KEY` (optional - alternatively auto-generated),
+  ## `HARBOR_ADMIN_PASSWORD` (optional - alternatively auto-generated),
+  ## `POSTGRESQL_PASSWORD` (optional - alternatively uses upstream default. Read below if you set it),
+  ## `postgres-password` (required if POSTGRESQL_PASSWORD is set & must be the same as POSTGRESQL_PASSWORD.)
+  ## `HARBOR_DATABASE_PASSWORD` (required if POSTGRESQL_PASSWORD is set & must be the same as POSTGRESQL_PASSWORD.)
+  ## `REGISTRY_CREDENTIAL_USERNAME` (optional - alternatively auto-generated),
+  ## `REGISTRY_CREDENTIAL_PASSWORD` (optional - alternatively auto-generated),
   ##
   ## If you do not know how to start, let the chart generate a full secret for you before defining an existingEnvVarsSecret
   ## Notes: