Bug
Resolution: Not a Bug
Blocker
OADP 1.0.6
Description of problem:
The dpa CR configured with a caCert value reports the issue "failed to load custom CA bundle PEM file".
The customer is using an on-premise s3 bucket. The bucket has a self-signed rootCA certificate. The customer later generates a certificate with a SAN entry, but dpa still reports the same missing SAN entry.
Version-Release number of selected component (if applicable):
OADP 1.0.6 with ACM 2.6
How reproducible:
Steps to Reproduce:
1. Deploy ACM 2.6 and enable backup in multicluster CR
2. Allow OADP 1.0.6 to get installed with open-cluster-management-backup
3. Configure dpa with s3 details; velero reports the s3 volume as not available due to a certificate issue
Actual results:
1. dpa is not able to read rootCA certificate either from provided caCert or from the ca-bundle of the node.
Expected results:
1. Velero should read the ca-bundle from the node to get CA details of the bucket from the bundle if available on the node.
Additional info:
I found a workaround to the issue:
1. I scaled down the oadp operator pod and created a custom-ca configmap in the open-cluster-management-backup project.
2. Later, I mounted this configmap within the velero pod by mentioning the details against /etc/ssl/certs.
3. After restarting the pod, I could see that velero was able to mark the configured s3 volume within the dpa CR as available.
The must-gather from oadp is attached to the ticket.
is related to: OADP-1255 Self Signed Cert documentation should be in OADP docs (Closed)
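
Added example (not part of the ticket and not OADP or Velero code): a Go pre-flight check for the two symptoms reported above, a caCert value that does not load as a PEM bundle and a server certificate with no matching SAN entry. The host name s3.example.internal, the function names and the in-memory certificates are constructed for illustration; it assumes caCert carries base64-encoded PEM.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/base64"
	"encoding/pem"
	"fmt"
	"math/big"
	"time"
)

// checkCACert loads a base64 caCert value as a PEM bundle and verifies leaf for host (Go matches SANs only).
func checkCACert(caCertB64 string, leaf *x509.Certificate, host string) error {
	pemBytes, err := base64.StdEncoding.DecodeString(caCertB64)
	if err != nil {
		return fmt.Errorf("caCert is not base64: %w", err)
	}
	pool := x509.NewCertPool()
	if !pool.AppendCertsFromPEM(pemBytes) {
		return fmt.Errorf("caCert contains no parsable PEM certificate")
	}
	_, err = leaf.Verify(x509.VerifyOptions{Roots: pool, DNSName: host})
	return err
}

// newCert issues a constructed test certificate (a nil parent self-signs a CA) and its base64 PEM form.
func newCert(cn string, sans []string, parent *x509.Certificate, signer ed25519.PrivateKey) (*x509.Certificate, ed25519.PrivateKey, string) {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(time.Now().UnixNano()),
		Subject: pkix.Name{CommonName: cn}, DNSNames: sans,
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(time.Hour)}
	if parent == nil { // self-signed root CA
		tmpl.IsCA, tmpl.BasicConstraintsValid, tmpl.KeyUsage = true, true, x509.KeyUsageCertSign
		parent, signer = tmpl, priv
	}
	der, _ := x509.CreateCertificate(rand.Reader, tmpl, parent, pub, signer)
	cert, _ := x509.ParseCertificate(der)
	return cert, priv, base64.StdEncoding.EncodeToString(pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: der}))
}

func main() {
	ca, caKey, caB64 := newCert("constructed-root-ca", nil, nil, nil)
	for _, sans := range [][]string{{"s3.example.internal"}, nil} {
		leaf, _, _ := newCert("s3.example.internal", sans, ca, caKey)
		fmt.Printf("SANs=%v: %v\n", sans, checkCACert(caB64, leaf, "s3.example.internal"))
	}
}
```

The leaf issued without a SAN fails host name verification even though its Common Name matches and the CA bundle loads correctly, so the two errors in the ticket need to be checked separately.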