Changes to TLS certificate handling in Habitat 0.85

Hi folks - just a quick FYI that we have a blog post up with information on some changes to TLS certificate handling in Habitat 0.85 that may be of interest to those of you working in scenarios where custom certificates are required:

As always, we appreciate any feedback you may have - posted here, on our Slack channel, or with issues opened on the Habitat repo.

@salam Thanks for addressing this!

Here are the cases where custom certs have been painful in the past:

  1. hab CLI communication with on-prem builder
  2. Custom-built services relying on core/cacerts
  3. Plan builds that pull from artifact stores with internal certs via download_file, curl, wget, etc.
  4. Adopting/extending core plans that depend on core/cacerts

Here are the current solutions:

  1. Addressed by these changes!
  2. Build your own <origin>/cacerts package and depend on that instead
  3. Unclear
  4. Unclear

Can you provide some clarification on #3 and #4?