https://rancher.com/docs/rancher/v2.5/en/installation/resources/custom-ca-root-certificate/