SSL - Own CA Permanent over reboots with HA on PI4b

I run HA from the dedicated PI image on a Pi4b.

I run a fully self hosted / Sef support environment for everything. This includes having my own CA to issue SSL server certs from to devices that serve in any function and running SSL/TLS where possible.

I have noted a few previous discussions on adding your own CA to the CA store and I am across these discussions. I have successfully installed my CA into the certs directory in the underlying Linux structures, have successfully run update-ca-certificates, and then have successfully run curl (to a server external to HA) commands from the HA terminal window to watch the SSL/TLS handshake take place. The SSL handshake succeeds and all is good. sort of …

Then at next HA boot, the CA is gone, and SSL/TLS handshake fails.

I note this persistence has been discussed before, but seems only workarounds of varying ugliness have been presented in response.

Is there any way to make an additional CA stick after a core OS boot ?

Brendan