NodeRED (or any Add-On) and custom CA Certificate?

Is there a way to supply a custom (internal) CA Certificate to an add-on like NodeRED? I’ve got a gitlab instance running within my network and it’s using TLS certs signed by an internal CA. I’d love to be able to supply the actual CA Cert instead of just trying to configure it to ignore unknown signers.

This is a Supervised install and the host trusts the CA cert - should that be enough?