During trusted certs handling warn users if any of the steps failed

Currently, if any of the steps during handling of trusted certs fail (like c_rehash not being available on a FIPS machine), we don't inform users about it at all and proceed silently.

We should inform users what happened and point them towards a fix.

Related to #6317 (closed), discovered during review of !5765 (merged).