I read the GP as it’s easier to have the single infrastructure team implement it than have every single product team add support in their service.

I mean most app servers abstract away https on the server level and most dev is done unencrypted. So this seems reasonable.