Open
Description
We offer the ability to query an IdP provider's metadata URL during silo setup. However, many customers will have their own internal certificate authority that is not part of the standard trusted cert store.
Currently we have no way to allow Nexus to trust the cert, forcing the customer to fall back on using base64_encoded_xml SAML.
This is less convenient; it would be nice for customers using their own certs to be able to use this feature. Note that this refers only to the public key; we never want to access or store the private key.
AFAIK there are no other situations where the rack will initiate an outgoing connection, so this certificate store would be used solely for IdP metadata.