I'd argue custom CAs are more important as of 7.2.0 with the addition of the OIDC capabilities. I'm unable to integrate in my Keycloak provider since the certificates I'm issuing are from my homelab CA, and Unraid is failing to access the discovery URL since it is an untrusted certificate. I see the /boot/config/ssl/certs/<host>.pem file, but at minimum, there should be some official workaround.