In a private discussion, I pointed out that the operator has all of the above. However, we noticed that the operator does not get injected by the env vars, I'll fix that.
We noticed that the CA changes are not really reflected by the authn operator and that it does not load the proxy CA for route/remote calls.
This is likely broken on https://github.com/openshift/library-go/pull/524 and https://github.com/openshift/cluster-authentication-operator/pull/195
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2019:2922