If a certificate is available (either auto-generated or provided by the user as part of bootstrap), we use that certificate.
If no certificate is available, we consider CLOUDIFY_SSL_TRUST_ALL.
However, if the user bootstrapped using ssl_enabled=True, there will always be a certificate. Which means that the value of CLOUDIFY_SSL_TRUST_ALL is ignored.
Meaning: when using ssl_enabled=True, the user must provide a certificate that is trusted on the CLI host, otherwise bootstrap will fail.