unable to download rancher agent from self-signed certificate

[nucther]

I'm getting an error when installing a system-agent with a self-signed certificate.

root@Stage:~# curl --insecure -fL https://rancher.example.tld/system-agent-install.sh | sudo  sh -s - --server https://rancher.example.tld --label 'cattle.io/os=linux' --token nqccpjkrhkxzxdnh6grz7qxjxrwdpjg4nxpsfqhwjwxzm4v7n72nxl --etcd --controlplane --worker
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100 30788    0 30788    0     0  1671k      0 --:--:-- --:--:-- --:--:-- 1768k
[INFO]  Label: cattle.io/os=linux
[INFO]  Role requested: etcd
[INFO]  Role requested: controlplane
[INFO]  Role requested: worker
[INFO]  Using default agent configuration directory /etc/rancher/agent
[INFO]  Using default agent var directory /var/lib/rancher/agent
curl: (60) SSL certificate problem: self-signed certificate
More details here: https://curl.se/docs/sslcerts.html

curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.
[ERROR]  000 received while testing Rancher connection. Sleeping for 5 seconds and trying again

my helm value is

hostname: "rancher.example.tld"
bootstrapPassword: "{{ rancher_password }}"
tls: "external"
ingress:
    tls:
        source: rancher

Look like another command/function curl inside system-agent-install.sh don't have --insecure or -k.

[pastalino]

Check if ca.crt of secret (usually named "tls-rancher-ingress") used by rancher ingress (namespace: cattle-system) is included in https://rancher.example.tld/cacerts