tests: tls_cipherlists should configure testssl.sh to use CA cert (#3037)

This doesn't make any difference to the tests performed here (_partly due to `--preference`_).

It would make a difference if performing a test for receiving a grade, which would otherwise fail due to chain of trust not being verifiable for a self-signed certificate (_or a signed certificate without a CA public key to verify against_)

test/tests/parallel/set2/tls/tls_cipherlists.bats

@@ -94,15 +94,15 @@ function _configure_and_run_dms_container() {
   # The remaining args are dependent upon test case vars:
   CUSTOM_SETUP_ARGUMENTS+=(
     --env TLS_LEVEL="${TLS_LEVEL}"
-    --env SSL_CERT_PATH="/config/ssl/cert.${KEY_TYPE}.pem"
+    --env SSL_CERT_PATH="/config/ssl/with_ca/ecdsa/cert.${KEY_TYPE}.pem"
-    --env SSL_KEY_PATH="/config/ssl/key.${KEY_TYPE}.pem"
+    --env SSL_KEY_PATH="/config/ssl/with_ca/ecdsa/key.${KEY_TYPE}.pem"
   )
 
   if [[ -n ${ALT_KEY_TYPE} ]]
   then
     CUSTOM_SETUP_ARGUMENTS+=(
-      --env SSL_ALT_CERT_PATH="/config/ssl/cert.${ALT_KEY_TYPE}.pem"
+      --env SSL_ALT_CERT_PATH="/config/ssl/with_ca/ecdsa/cert.${ALT_KEY_TYPE}.pem"
-      --env SSL_ALT_KEY_PATH="/config/ssl/key.${ALT_KEY_TYPE}.pem"
+      --env SSL_ALT_KEY_PATH="/config/ssl/with_ca/ecdsa/key.${ALT_KEY_TYPE}.pem"
     )
   fi
 
@@ -161,6 +161,7 @@ function _collect_cipherlists() {
 
   # `--user "<uid>:<gid>"` is a workaround: Avoids `permission denied` write errors for json output, uses `id` to match user uid & gid.
   run docker run --rm \
+    --env ADDTL_CA_FILES="/config/ssl/with_ca/ecdsa/ca-cert.ecdsa.pem" \
     --user "$(id -u):$(id -g)" \
     --network "${TEST_NETWORK}" \
     --volume "${TLS_CONFIG_VOLUME}" \