
Erlang/OTP
http://erlang.org
Apache License 2.0

Simplified SSL option value for `cacerts`? #8598

Open zmstone opened 1 week ago

zmstone commented 1 week ago

When one wants to use the system default trusted certs to verify the peer, there seem to be only two options:

  1. Extract the trusted CA certificates into a file, and provide the `cacertfile` option
  2. Trust ALL default CA certs from the OS: `{cacerts, public_key:cacerts_get()}`

I'd like to have option 2 simplified as `{cacerts, system_defaults}` or similar so OTP's ssl lib can call `public_key:cacerts_get()` for me.

This is necessary because `public_key:cacerts_get()` is often a quite bloated term, and SSL options are usually passed around and stored in various process states. When a process crashes, or when exceptions with SSL options in the context are caught and dumped to logs, the options are printed to the logs, which in turn bloats the logs quite a lot.
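As an added illustration (not code from the issue or from OTP itself), the following Erlang module builds peer-verifying client options from the OS trust store, measures how large the `cacerts` term actually is, and redacts it before the options are logged; the module name, `Host` and the function names are my own choices.

```erlang
%% Added example: TLS client options using the OS default trust store
%% (option 2 in the issue), plus helpers to see and avoid the log bloat.
-module(tls_opts_example).
-export([client_opts/1, cacerts_size_words/0, redact/1]).

%% Options that verify the peer against the OS trust store.
%% `Host` (hypothetical parameter) is used for SNI and hostname checking.
client_opts(Host) ->
    [{verify, verify_peer},
     {cacerts, public_key:cacerts_get()},
     {server_name_indication, Host},
     {customize_hostname_check,
      [{match_fun, public_key:pkix_verify_hostname_match_fun(https)}]}].

%% Flat size, in words, of the term returned by cacerts_get/0.
%% Comparing this with the size of the remaining options shows why
%% keeping it in process state and crash reports is costly.
cacerts_size_words() ->
    erts_debug:flat_size(public_key:cacerts_get()).

%% Replace the certificate list with a short marker before the option
%% list is logged or put into an error context, so the trust store does
%% not end up in the logs.
redact(Opts) ->
    lists:map(fun({cacerts, Certs}) when is_list(Certs) ->
                      {cacerts, {redacted, length(Certs), certs}};
                 (Other) ->
                      Other
              end, Opts).
```

Calling `redact/1` only helps for logging you control; a crash report of a process that keeps the full option list in its state will still print the whole term, which is the case the issue asks OTP to avoid.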

zmstone commented 1 week ago

A further enhancement is probably not to turn `system_defaults` into `public_key:cacerts_get()`, but to use it as an indication to search for certs in a certificate store which is periodically refreshed, thus ensuring certificate renewal is smooth.