We have multiple teams using certificates for mutual authentication. During their development it would be very useful for them to be able to see the trusted certificates. Right now I can grant them admin rights to certs but that lets them change the certificates - which they should not be able to do