Import CA certificate for backend TLS connections

Hello @js285

Thanks for using Traefik.

You can add Root CA in the static configuration as it is described here Overview - Traefik | Site | v2.5

## Static configuration
--serversTransport.rootCAs=foo.crt,bar.crt

The listed CA can be added to Traefik as standard Kubernetes secrets:

kubectl create secret generic bar.crt --from-file=bar.crt=ssl/ca.crt
kubectl create secret generic foo.crt --from-file=foo.crt=ssl/ca.crt

Then secrets can be mounted in the following way:

---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: traefik
  labels:
    app.kubernetes.io/instance: traefik
    app.kubernetes.io/name: traefik
spec:
  replicas: 1
  selector:
    matchLabels:
      app.kubernetes.io/name: traefik
      app.kubernetes.io/instance: traefik
  template:
    metadata:
      labels:
        app.kubernetes.io/name: traefik
        app.kubernetes.io/instance: traefik
    spec:
      serviceAccountName: traefik-ingress-controller
      terminationGracePeriodSeconds: 60
      containers:
        - name: traefik
          image: traefik:2.5.4
          args:
            - "--entryPoints.web.address=:8000/tcp"
            - "--entryPoints.websecure.address=:8443/tcp"
            - "--entryPoints.traefik.address=:9000/tcp"
            - "--api=true"
            - "--api.dashboard=true"
            - "--ping=true"
            - "--providers.kubernetescrd"
            - "--serversTransport.rootCAs=/certs/foo.crt,/certs/bar.crt"
            - "--log.level=DEBUG"
          readinessProbe:
            httpGet:
              path: /ping
              port: 9000
            failureThreshold: 1
            initialDelaySeconds: 5
            periodSeconds: 5
            successThreshold: 1
            timeoutSeconds: 2

          livenessProbe:
            httpGet:
              path: /ping
              port: 9000
            failureThreshold: 3
            initialDelaySeconds: 5
            periodSeconds: 5
            successThreshold: 1
            timeoutSeconds: 2

          resources:
            limits:
              cpu: 1000m
              memory: 1000Mi
            requests:
              cpu: 100m
              memory: 50Mi

          ports:
            - name: web
              containerPort: 8000
              protocol: TCP

            - name: websecure
              containerPort: 8443
              protocol: TCP

            - name: traefik
              containerPort: 9000
              protocol: TCP

          volumeMounts:
            - mountPath: /data
              name: storage-volume

            - mountPath: /certs/foo.crt
              name: foo
              readOnly: true
              subPath: foo.crt

            - mountPath: /certs/bar.crt
              name: bar
              readOnly: true
              subPath: bar.crt

      volumes:
        - name: storage-volume
          emptyDir: {}
        - name: foo
          secret:
            secretName: foo.crt
        - name: bar
          secret:
            secretName: bar.crt