Support for destinationCaCertificate / Reencrypt RoutesΒ #56
Description
We're currently using cert-manager annotations to add a certificate to our Route, and a Certificate resource to generate a keystore for an application server running in a pod. However unless I'm mistaken there isn't an automated way to add the destinationCaCertificate to the Route. As a result we're adding this to our Route manually which risks allowing the cert to expire, or overlooking a change to the CA when the certificate renews.
It would be great to see some support for adding the destination CA automatically. In our use case both the Route and Certificate are from the same issuer (Venafi), though I'm sure there are more complex use cases. Maybe there could be some new annotations that specify the issuer and common name of the destination certificate that would allow the CA chain to be retrieved and attached to the Route.