How to set custom certificate authority?

[robotsrule]

I tried following the directions to run Composer locally posted here: https://cloud.google.com/composer/docs/composer-2/run-local-airflow-environments

Once I got to this command composer-dev list-available-versions --include-past-releases --limit 10 I get a slew of certificate verification failures. The final one in the red error box looks like this (IP redacted):

Failed to list available versions: 503 failed to connect to all addresses; last error: UNKNOWN: ipv4:REDACTED:443: Ssl   │
│ handshake failed (TSI_PROTOCOL_FAILURE): SSL_ERROR_SSL: error:1000007d:SSL routines:OPENSSL_internal:CERTIFICATE_VERIFY_FAILED

My workplace uses an intercepting proxy for security reasons (Netskope in this case) and these types of errors with CLI tools are a very common problem that we deal with. I temporarily disabled Netskope (not a viable solution, just a troubleshooting measure) just to rule out that this is in fact the cause of the problem.

I cannot find anything documented in this tool to be able to set custom additional CA certs like I can with most tools. Is there a way I can add our interception certificate to the list of allowed certificate authorities? The most common way I've seen tools accommodate this is by simply setting a specific environment variable to point at the CA certificate on the user's machine.

For example, these 3 env vars cover a slew of utilities and frameworks such as NodeJS, Azure CLI, gcloud CLI, etc etc:

NODE_EXTRA_CA_CERTS
REQUESTS_CA_BUNDLE
SSL_CERT_FILE

Any guidance here is appreciated, thank you