
Make the driver fail certificate validation when the server certificate chain is not fully trusted

Open dkropachev opened this issue 7 months ago • 0 comments

Default net.TLS certificate validation passes if at least one of the intermediate certificates is trusted. It is pretty relaxed (if not unsafe) compared to openssl, which requires every intermediate and root certificate to be trusted.

We need to make it more strict.

Originally reported in https://github.com/scylladb/siren-frontend/issues/6011

dkropachev, Jul 28 '25 12:07
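The behaviour described in the issue can be reproduced with Go's `crypto/x509` alone, because `Verify` treats any certificate placed in `Roots` as a trust anchor. The following is an added example, not code from the issue or from gocql: `verifyStrict` and `issue` are hypothetical helpers, and the three certificates are constructed test data.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// verifyStrict (hypothetical helper, not gocql code) accepts only chains anchored at a self-signed root.
func verifyStrict(leaf *x509.Certificate, opts x509.VerifyOptions) error {
	chains, err := leaf.Verify(opts) // Go's normal chain building
	if err != nil {
		return err
	}
	for _, c := range chains {
		if a := c[len(c)-1]; a.CheckSignatureFrom(a) == nil {
			return nil // anchor verifies under its own key
		}
	}
	return fmt.Errorf("no chain ends at a self-signed trusted root")
}

// issue creates a constructed test certificate; a nil parent means self-signed.
func issue(cn string, ca bool, parent *x509.Certificate, pk *ecdsa.PrivateKey) (*x509.Certificate, *ecdsa.PrivateKey) {
	key, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	t := &x509.Certificate{SerialNumber: big.NewInt(time.Now().UnixNano()),
		Subject: pkix.Name{CommonName: cn}, IsCA: ca, BasicConstraintsValid: true,
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(time.Hour)}
	if parent == nil {
		parent, pk = t, key
	}
	der, _ := x509.CreateCertificate(rand.Reader, t, parent, &key.PublicKey, pk)
	cert, _ := x509.ParseCertificate(der)
	return cert, key
}

func main() {
	root, rk := issue("constructed root", true, nil, nil)
	mid, mk := issue("constructed intermediate", true, root, rk)
	leaf, _ := issue("constructed leaf", false, mid, mk)
	opts := x509.VerifyOptions{Roots: x509.NewCertPool()}
	opts.Roots.AddCert(mid) // only the intermediate is trusted, not the root
	_, err := leaf.Verify(opts)
	fmt.Println("default:", err, "| strict:", verifyStrict(leaf, opts))
}
```

One place such a check could be wired into a client is `tls.Config.VerifyConnection`, using the peer certificates from the connection state.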