Hi folks... looking for some guidance for my use case, and hoping I've just overlooked an obvious answer.
I'm currently using cert-manager to create PKCS12 key and trust stores for a Java app... that part's working fine. However, I now need to add an additional trust root (the corporate CA) into the trust store, and this is where I find myself a little stuck, since cert-manager itself seems to assume a single trust root (since that's the only bit that matters for a given TLS keypair certificate).
My first reaction to that was that maybe I need the trust-manager project, since aggregating different trust sources seems to exactly what it's there for. But unlike cert-manager, trust-manager doesn't appear to offer any flexibility about the output file format - there's no way that I can see to produce a PKCS12 or JKS trust store.
What's the recommended approach to this?