I was jumping up and down earlier today because I managed to package ZTE and build it successfully from source: nixdots/modules/nixos/opt/openziti/default.nix at main · rochecompaan/nixdots · GitHub. Additionally, I had no CA and cert troubles either! Consider this a WIP since I'm still testing if everything works end-to-end.
I encountered the same issue mentioned in the hard-coded paths discussion here: Hard coded executable paths. I fixed this by patching paths to use Nix package paths.
The other challenge was to pull in all the dependencies using Nix fetchers instead of vcpkg, but I compiled the list of dependencies by reviewing the various CMakeLists.txt files.
I'll start a new topic about the Nix package once I'm done.