3

My Java/Spring program connects to Vault using a RestTemplate. My company's Operations team has a plan to provide a pem CA certificate to the application using an environment variable ($VAULT_CACERT).

The Java program is not allowed to change any files on disk (so adding the pem CA certificate to a disk-based truststore is not an option).

Is it possible to configure the Spring RestTemplate so that it uses an in-memory CA certificate (not from a disk-based jks file)?

I see that there is a Java API (java.security.KeyStore) and also a bouncycastle API (org.bouncycastle.tls.test.KeyStores) and am wondering if either of these could be used.

Mike W

1 Answer

0

https://jkutner.github.io/2016/05/12/java-truststore-keystore-from-env-vars.html shows how to construct an in-memory KeyStore object and then create an SSLContext from one.

Mike W
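The approach the answer points to, sketched as an added example (not code from the linked article or from either poster). It assumes `VAULT_CACERT` holds the PEM text itself rather than a file path, uses only the JDK and spring-web, and the class name `VaultRestTemplateFactory` is hypothetical:

```java
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.net.HttpURLConnection;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;
import org.springframework.http.client.SimpleClientHttpRequestFactory;
import org.springframework.web.client.RestTemplate;

public final class VaultRestTemplateFactory { // hypothetical name
    /** Builds an SSLContext that trusts only the CA certificate(s) found in the PEM text. */
    static SSLContext sslContextFromPem(String pem) throws GeneralSecurityException, IOException {
        if (pem == null || pem.trim().isEmpty()) {
            throw new IllegalStateException("VAULT_CACERT is not set or is empty");
        }
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
        trustStore.load(null, null); // empty in-memory store; nothing is read from or written to disk
        int count = 0;
        for (Certificate cert : cf.generateCertificates(
                new ByteArrayInputStream(pem.getBytes(StandardCharsets.US_ASCII)))) {
            trustStore.setCertificateEntry("vault-ca-" + count++, cert);
        }
        if (count == 0) throw new IllegalStateException("No certificate found in VAULT_CACERT");
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(trustStore);
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(null, tmf.getTrustManagers(), null); // no client key material, default SecureRandom
        return ctx;
    }
    /** RestTemplate whose HTTPS connections validate the server chain against the in-memory CA only. */
    public static RestTemplate create() throws GeneralSecurityException, IOException {
        SSLContext ctx = sslContextFromPem(System.getenv("VAULT_CACERT"));
        SimpleClientHttpRequestFactory requestFactory = new SimpleClientHttpRequestFactory() {
            @Override
            protected void prepareConnection(HttpURLConnection conn, String method) throws IOException {
                if (conn instanceof HttpsURLConnection) {
                    ((HttpsURLConnection) conn).setSSLSocketFactory(ctx.getSocketFactory());
                }
                super.prepareConnection(conn, method);
            }
        };
        return new RestTemplate(requestFactory);
    }
}
```

Hostname verification stays at the JDK default, and because the trust store contains only the supplied CA, this `RestTemplate` will reject servers whose chain leads to any other root, including the public CAs in the JVM's default `cacerts`.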