Not all certificates are retrieved on MacOS clients
When loading CAs to the MacOS system store using tools such as mkcert the certificates are not being retrieved from the populate_store function. This seems to be because only the anchor certificates are retrieved. However, this behaviour seems to be incorrect as browsers such as Chrome will retrieve the loaded certificates correctly.
Proposed solution: Libraries such as rustls-native-certs use a different approach to retrieve certificates on MacOS, they iterate though the trust domains and retrieve the certs from there.