[Freeipa-users] Maybe use FreeIPA to manage user certificates for Apache/Nginx access?

I've tinkered with FreeIPA a while ago when I was investigating various ways to control WiFi access but have not been very active lately with it. I have a new topic that popped up where I need to create user certificates for access to a specific web site hosted behind an Nginx Reverse Proxy. I have manually created a (forgive my incorrect terms) ca cert and pointed nginx to it and then I created user certs for each user that needs to be granted access. This was done manually using openssh in the pilot phase. Would FreeIPA be able to do this at scale? I see some chatter about FreeIPA 4.x introducing user certs, but that chatter hasn't specifically covered how to get the master ca cert linked to nginx/apache. The noob question might be useful for someone doing similar research. I am not mission critical in this investigation, just trying to minimize my manual management of user certs. Thanks, Henery Hawk