[msi,pkg] Add cluster CA to the system trust store

[cfergeau]

This most likely could also be done as part of crc setup. It would be nice to add the cluster CA (did not check how to get it) automatically to the system trust store to avoid the scary "untrusted website" warnings when trying to open the console in a webbrowser.
Or is this something we do not want to automate as this will probably also be an issue with a production cluster?

[guillaumerose]

If we rotate the CA with #2432, I think this is a good idea.
Otherwise, I don't think it is really safe.

[cfergeau]

Not sure these are the same CAs. CA used to sign admin client certificates VS CA used for external cluster https communication. If it's different, maybe we need to make sure this certificate is also regenerated to avoid MITM attacks

[stale]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.