Comment 4 for bug 2008452

John Lettman (jplettman) wrote:

I will add that we do have a non-destructive workaround here for the case I described:

1. Inspect the contents of /etc/ssl/certs/openstack-service-checks.pem
2. Copy each certificate into /usr/local/share/ca-certificates/[customer]-[cert-number].crt
3. Ensure each certificate file is o+r mode
4. Execute update-ca-certificates --fresh

One solution for the charm could be to conduct this operation automatically when encountering a multi-certificate chain in the `trusted_ssl_ca` configuration option.
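
The workaround in the comment above, sketched as a shell function. This is an added example, not part of the original comment or the charm's code; the function name `split_ca_bundle` and the `customer` prefix are hypothetical.

```shell
#!/bin/sh
# Added example (hypothetical helper, not from the charm).
# split_ca_bundle BUNDLE DEST_DIR PREFIX
# Writes each PEM certificate found in BUNDLE to DEST_DIR/PREFIX-N.crt,
# makes every file world-readable (o+r) and prints how many were written.
# Text outside BEGIN/END markers is ignored; a certificate that is
# missing its END marker makes the function fail.
split_ca_bundle() {
    bundle=$1
    dest=$2
    prefix=$3
    [ -r "$bundle" ] || { echo "cannot read $bundle" >&2; return 1; }
    mkdir -p "$dest" || return 1
    count=$(awk -v dest="$dest" -v prefix="$prefix" '
        /^-----BEGIN CERTIFICATE-----/ {
            n++
            out = sprintf("%s/%s-%d.crt", dest, prefix, n)
            inside = 1
        }
        inside { print > out }
        /^-----END CERTIFICATE-----/ {
            if (inside) close(out)
            inside = 0
        }
        END {
            if (inside) exit 1      # truncated bundle: last block never closed
            print n + 0
        }
    ' "$bundle") || { echo "truncated certificate in $bundle" >&2; return 1; }
    i=1
    while [ "$i" -le "$count" ]; do
        chmod 0644 "$dest/$prefix-$i.crt" || return 1
        i=$((i + 1))
    done
    echo "$count"
}

# Usage on the affected unit (as root), followed by step 4 of the workaround:
#   split_ca_bundle /etc/ssl/certs/openstack-service-checks.pem \
#       /usr/local/share/ca-certificates customer \
#     && update-ca-certificates --fresh
```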