Nagios plugins and ca-certificates.crt

We found that a Nagios plugin like check_ldap uses /etc/ssl/certs/ca-certificates.crt instead of $OMD_ROOT/var/ssl/ca-certificates.crt.

This makes it hart to query internal services from the appliance as there is no upload of internal Root CA certificates in the appliance's webconf, only in the site configuration global settings.

We have solved it by manually placing the CA certificate into /usr/local/share/ca-certificates but are unsure if that survives a firmware update.

All Nagios plugins and other tools using certificates should use the site's internal certificate store.

check_ldap is already linked against $OMD_ROOT/lib/libssl.so.1.1 so I am wondering why $SSL_CERT_FILE or $REQUESTS_CA_BUNDLE are not used here.