Wait so without the option it checks against the system trust store and with the option it does exactly the same (but may also includes an additional CA if that was passed as the argument)?
This should be a cve. There is a security feature. It does not work as documented. That’s a vulnerability. That should get a cve.