[BUG] ClientCACertFiles required even when fsc.web.tls.clientAuthRequired: false #1111

@pasquale95

Problem description

As reported in the title, there's a potential bug in FSC regarding the TLS/mTLS setup. Specifically, if I run an FSC with a section such as:

fsc:
  web:
    enabled: true
    # HTTP server listener address
    address: 0.0.0.0:10021
    tls:
      enabled: true
      # X.509 certificate used for TLS server
      cert:
        file: /target/fsc/fsc.example.com/peers/issuer.fsc.example.com/tls/server.crt
      # Private key used for TLS server        
      key:
        file: /target/fsc/fsc.example.com/peers/issuer.fsc.example.com/tls/server.key
      # Require client certificates / mutual TLS for inbound connections.
      # Note that clients that are not configured to use a certificate will
      # fail to connect to the node.
      clientAuthRequired: false

The FSC node fails with the error:

2026-01-13 09:07:10.200 UTC 0060 INFO [fsc.platform.view.services.grpc] NewGRPCServer -> New GRPC Server at [0.0.0.0:10022], TLS [true], RequireClientCert [false]
2026-01-13 09:07:10.202 UTC 0061 INFO [fsc.platform.view.sdk.dig] func2 -> Starting WEB server...
2026-01-13 09:07:10.203 UTC 0062 INFO [fsc.platform.view.sdk.dig] func3 -> Starting operations system...
2026-01-13 09:07:10.203 UTC 0063 INFO [fsc.platform.view.sdk.dig] func1 -> Starting GRPC server...
2026-01-13 09:07:10.203 UTC 0064 FATA [fsc.platform.view.sdk.dig] func2 -> Failed starting WEB server: client TLS CA certificate pool must not be empty

My feeling is that it shouldn't happen. If I don't enable mTLS through the clientAuthRequired flag, I don't need to provide any client CA.
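
The behaviour the report expects, sketched with Go's standard `crypto/tls` types as an added example (not FSC's own code): the empty-pool error is raised only when `clientAuthRequired` is true. The helper names `clientAuthSettings` and `constructedCA` are hypothetical, and the CA is generated in-process as constructed sample input.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"encoding/pem"
	"errors"
	"fmt"
	"math/big"
	"time"
)

// clientAuthSettings is a hypothetical helper (not FSC's API): it maps the
// clientAuthRequired flag and optional client CA PEMs to crypto/tls settings.
func clientAuthSettings(required bool, caPEMs [][]byte) (tls.ClientAuthType, *x509.CertPool, error) {
	if !required {
		return tls.NoClientCert, nil, nil // server-only TLS: no client CA pool needed
	}
	pool, ok := x509.NewCertPool(), false
	for _, p := range caPEMs {
		ok = pool.AppendCertsFromPEM(p) || ok
	}
	if !ok { // fail closed only when mTLS was requested but no CA can verify clients
		return tls.NoClientCert, nil, errors.New("client TLS CA certificate pool must not be empty")
	}
	return tls.RequireAndVerifyClientCert, pool, nil
}

// constructedCA returns a throwaway self-signed CA in PEM form (sample input; errors ignored).
func constructedCA() []byte {
	key, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1), IsCA: true, BasicConstraintsValid: true,
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(time.Hour), KeyUsage: x509.KeyUsageCertSign}
	der, _ := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	return pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: der})
}

func main() {
	for _, required := range []bool{false, true} {
		auth, _, err := clientAuthSettings(required, nil)
		fmt.Printf("clientAuthRequired=%v, no CA: auth=%v err=%v\n", required, auth, err)
	}
	auth, pool, err := clientAuthSettings(true, [][]byte{constructedCA()})
	fmt.Printf("clientAuthRequired=true, CA given: auth=%v pool=%v err=%v\n", auth, pool != nil, err)
}
```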
