Can I use diffrent root CA certificates while dynamic loading certificate chains?