I can't think of any reason why we shouldn't simply change the ssl-ca-cert line
in up2date and rhn_register when the customer installs a new SSL client cert
RPM. If they're installing the cert, it means that they want to use the cert,
and it cuts down a step during the install.
this has gone on long enough, no one has officially complained so I'm closing this.