My company issues users pki certs signed by an internal company root ca. I would like to use these company issued certs for user authentication into our k8 cluster. I thought by adding the company root ca to the kube api server ca.pem file (in /etc/kubernetes/ssl) and then creating ClusterRole and ClusterRoleBindings for users it would work. It doesn’t. Any ideas if this is even possible?