Our CoreOs boxes are behind a proxy that requires a custom CA Certificate to be installed. What is the best way to do that? It doesn’t appear that
update-ca-trust works so it doesn’t look like I can drop anything in
/etc/ssl/certs via ignition.
I’m guessing it may be possible to copy off the
ca-bundle.ctrust.crt file, modify it externally and completely replace it via Ignition, but that sounds pretty extreme.
Any other thoughts?