There has been internal work to support such features in a generic capacity in shared libraries, but it hasn’t surfaced in all places. It would only support file:<path> configurations in its current form. Hardware-backed storage would need its own engine-backed implementation that has not been investigated. Additionally, mutating <pem>:<pem-cert/pem-key> is not currently supported. The goal was mainly aimed at routers and alternative server certificates. There are caveats and sharp edges to what you are asking about. I have a few questions if you don’t mind:
Are you rotating the server_cert, cert, and/or alt_server_certs (defined here)
FWIW, the process of restarting routers and controller is “very fast” so most likely, humans would never even notice a restart blip. That said, it’d certainly be friendly if the server just recognized the certs change and reloaded 'em.