--- features: - Adds the InternalTLSCAFile parameter, which defines which CA file should be used by the internal services to verify that the peer's certificate is trusted. This is applicable if internal TLS is enabled. Currently, it defaults to using the CA file for FreeIPA, which is the default CA.