We have a cluster running consul, vault and nomad, all of which are tls enabled. Some of the nomad jobs make curl calls to consul/vault endpoints. Since the CA used for tls is self signed it needs to be trusted for all api calls.
Currently we are mounting the ca in nomad job and setting the
SSL_CERT_FILE env variable for each container. This now has to be done for every job that makes api calls. Is there a better way to do this at the nomad level centrally so that all the jobs running trust the ca?