services.journald.remote.settings.Remote.TrustedCertificateFile

A path to a SSL CA certificate file in PEM format, or all.

If all is set, then client certificate checking will be disabled.

This option can be used with listen = "https". If the path refers to an AF_UNIX stream socket in the file system a connection is made to it and the certificate read from it.