This message was deleted.

Found this in the comment in the source code for the

readS3EndpointCA

function:

// I expect the CA to be passed as base64 string OR a file system path.
	// I do this to be able to pass it through rke/rancher api without writing it
	// to the backup container filesystem.

And this issue answers why it won't work when no certificate is provided and insecure TLS verification is on: https://github.com/rancher/backup-restore-operator/issues/254