Assuming the rest of the configuration is already in place, run this command to set the cert bundle in the aws config. Change cert bundle paths on.
aws configure set default.ca_bundle ~/.aws/nskp_config/netskope-cert-bundle.pem
Add ca_bundle = /Users/<user_name>/.aws/nskp_config/netskope-cert-bundle.pem to all profiles in /Users/<user_name>/.aws/config file
Last, we found that in some cases a new ca_bundle line in the [default] section in ~/.aws/config was added after the script was run, but needed to be removed as it conflicted with the same ca_bundle line under [profile default]. Remove this section and keep your [profile default] ca_bundle entry.