A more proper way would be to use config.ConfigureTLS(), however, its input doesn't have a CACertPool field, yet we get the *x509.CertPool from github.com/certifi/gocertifi and there's no way around that, nor there's a way to turn *x509.CertPool into a string of certificate chains.
A more proper way would be to use
config.ConfigureTLS(), however, its input doesn't have aCACertPoolfield, yet we get the*x509.CertPoolfromgithub.com/certifi/gocertifiand there's no way around that, nor there's a way to turn*x509.CertPoolinto a string of certificate chains.