there are potential needs to use the jenkins-agent from one openshift cluster to talk to another cluster. Given that the ca.crt is generated defined by the CERT_FILE is generated as self-signed certificate, you would expect to see TLS errors unless you use the SKIP_TLS.

we would like to have the ability to specify the ability to certify the CERT_FILE as an environmental variable to specify our own x509 PEM files.

in the source code:
private static final String CERT_FILE = "/run/secrets/kubernetes.io/serviceaccount/ca.crt";