There's certainly examples that does not use openssl/gnutls (and compatible friends) - but it's a bit of a stretch to say most stuff doesn't support it?

Most (all) Linux distros also have an easy way to add a system level cert, without messing with system managed certs. And AFAIK it's straightforward to install custom certs in the windows cert store as well.

> MITM proxy doesnt include any builtin way to install a system certificate.

Absolutely fair point of comparison. Most tls stacks will allow you to do this - via environment vars - so you can set a cert path for openssl when launching a ruby (or nodejs?) process, and things will just work.

But you then need to know mitmproxy and your tls stack.