1. Proposed title of this feature request
Allow management of CAs independently from full certificate chains
2. What is the nature and description of the request?
Currently, when updating trusted certificates across multiple clusters, customers are required to update the entire certificate chain whenever any certificate within the chain changes.
This feature request proposes the ability to add or update only the certificate signers (Certificate Authorities, or CAs) within the trusted CA configuration, rather than having to replace the full certificate chain each time.
This would streamline certificate management and reduce operational overhead, particularly in environments with numerous clusters.
3. Why does the customer need this? (List the business requirements here) * The customer operates 18 clusters, and the current process of updating the full certificate chain for each change is highly resource-intensive and time-consuming.

• Allowing the addition or update of only CA certificates would significantly reduce maintenance efforts and the risk of configuration errors.

4. List any affected packages or components.
Certificates, ArgoCD