Description of problem:

The new-in-4.15 ClusterVersion spec.signatureStores should implement the ca property.

Version-Release number of selected component (if applicable):

4.15 and 4.15.

How reproducible:

Every time, for TechPreviewNoUpgrade clusters where signatureStores exists.

Steps to Reproduce:

1. Install a TechPreviewNoUpgrade cluster.
2. Set up a signature store in the cluster behind the self-signed ingress/router CA:

FIXME

3. Patch ClusterVersion to ask the CVO to use that store.

FIXME

4. Ask the cluster to update to a release whose signature is in the custom store:

FIXME

Actual results:

FIXME

Expected results:

The update is accepted and begins rolling out, as shown by oc adm upgrade. Whether the update successfully completes or not is not relevant.