Unable to change MBEDTLS_CFG_FILE in NCS 3.2

With NCS 3.2.1 I can't make use of custom mbed TLS config headers anymore; the MBEDTLS_CFG_FILE Kconfig option always gets overwritten. Previously setting CONFIG_CUSTOM_MBEDTLS_CFG_FILE=y would allow for overriding the config header. The documentation seems to have been removed from the Nordic docs but I can't find any mention of this in the migration guides or elsewhere.

warning: MBEDTLS_CFG_FILE (defined at (...)nrf/modules/..\subsys\nrf_security/Kconfig:72, (...)/zephyr/modules/mbedtls/Kconfig:59, modules\mbedtls\Kconfig:59) was assigned the value
'nrf-config-user.h' but got the value 'nrf-config.h'.

This is also an issue in the Zephyr "psa_crypto" sample, which seems to not have built at all for a while now. Is mbed TLS completely deprecated in NCS? It seems to still exist in the Zephyr tree, so I'm unsure what the recommendation here is going forward. Should all mbedtls functions be seen as deprecated? If so, is there a migration guide? This page: https://docs.nordicsemi.com/bundle/ncs-latest/page/nrf/libraries/security/nrf_security/doc/backend_config.html#legacy-crypto-support mentions "equivalent functionality from PSA Crypto APIs" but the link does not make any mention of how to migrate old mbedtls code over to newer APIs.

  • Thanks for clarifying, that's what I figured after reading further into the upstream Zephyr plans on this and what happened in mbed TLS itself. It wasn't quite clear that only portions of mbed TLS have changed upstream and that this reflects those changes by the upstream project.
    When I read "crypto APIs" in my head that extended to just refer to "mbed TLS" as in the past it was just "the crypto library" in projects.
    I was able to resolve not being able to set the custom header. There was another config (CONFIG_MBEDTLS_BUILTIN) set to =y elsewhere that was a dependency of =n in order to be able to set a custom config.
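
A build-log check for the warning quoted in the question, as an added example that is not part of the original thread: it finds Kconfig "was assigned the value ... but got the value ..." warnings, including ones wrapped over two lines, so a CI job can fail when an mbed TLS option is silently replaced by a default. The function name, the `watch` filter and the sample log lines other than the warning itself are assumptions.

```python
import re
import sys

# Constructed sample log: the warning is the one quoted in the question
# (wrapped over two lines as posted); the other two lines are constructed.
SAMPLE_LOG = r"""-- Found Python3: /usr/bin/python3
warning: MBEDTLS_CFG_FILE (defined at (...)nrf/modules/..\subsys\nrf_security/Kconfig:72, (...)/zephyr/modules/mbedtls/Kconfig:59, modules\mbedtls\Kconfig:59) was assigned the value
'nrf-config-user.h' but got the value 'nrf-config.h'.
-- Configuring done
"""

# One mismatch warning. The "defined at" list may contain parentheses and a
# line break, but must not run into the next "warning:" line.
MISMATCH = re.compile(
    r"warning:\s+(?P<sym>[A-Za-z0-9_]+)\s+\(defined at (?:(?!warning:).)*?\)\s+"
    r"was assigned the value\s+'(?P<want>[^']*)'\s+"
    r"but got the value\s+'(?P<got>[^']*)'",
    re.DOTALL,
)


def find_overridden(log, watch=("MBEDTLS",)):
    """Return [(symbol, assigned, effective)] for each mismatch warning.

    watch: substrings of symbol names to report (assumed default: mbed TLS
    options only); pass None to report every overridden symbol.
    """
    hits = []
    for m in MISMATCH.finditer(log):
        sym = m["sym"]
        if watch is None or any(w in sym for w in watch):
            hits.append((sym, m["want"], m["got"]))
    return hits


if __name__ == "__main__":
    # Usage: python check_kconfig.py build.log  (falls back to the sample)
    if len(sys.argv) > 1:
        with open(sys.argv[1], encoding="utf-8", errors="replace") as fh:
            text = fh.read()
    else:
        text = SAMPLE_LOG
    found = find_overridden(text)
    for sym, want, got in found:
        print(f"{sym}: assigned '{want}' but build uses '{got}'")
    sys.exit(1 if found else 0)
```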
