I will add that we do have a non-destructive workaround here for the case I described:
1. Inspect the contents of /etc/ssl/certs/openstack-service-checks.pem
2. Copy each certificate into /usr/local/share/ca-certificates/[customer]-[cert-number].crt
3. Ensure each certificate file is o+r mode
4. Execute update-ca-certificate --fresh
One solution for the charm could be to conduct this operation automatically when encountering a multi-certificate chain in the `trusted_ssl_ca` configuration option.
I will add that we do have a non-destructive workaround here for the case I described:
1. Inspect the contents of /etc/ssl/ certs/openstack -service- checks. pem share/ca- certificates/ [customer] -[cert- number] .crt ca-certificate --fresh
2. Copy each certificate into /usr/local/
3. Ensure each certificate file is o+r mode
4. Execute update-
One solution for the charm could be to conduct this operation automatically when encountering a multi-certificate chain in the `trusted_ssl_ca` configuration option.