Allow specifying custom CA for certificate validation #508
Description
Almost all tools that rely on self-signed CA typically allow configuring a CA certificate along with server/client certificate and private key.
The behavior should be, if configured, the server/client should only trust the provided ca for certificate validation.
This way
- I no longer need to trust self-signed cert/ca system wide
- I no longer need to trust all root CAs for my internal communications
My assumption is most people running bchd, would do so with intention of using the grpc endpoint for internal services.