Fix linter error in certauthority.

The error was:
```
internal/certauthority/certauthority.go:68:15: err113: do not define dynamic errors, use wrapped static errors instead: "fmt.Errorf(\"expected CA to be a single certificate, found %d certificates\", certCount)" (goerr113)
		return nil, fmt.Errorf("expected CA to be a single certificate, found %d certificates", certCount)
		            ^
exit status 1
```

I'm not sure if I love this err113 linter.

internal/certauthority/certauthority.go

@@ -58,6 +58,9 @@ func secureEnv() env {
 	}
 }
 
+// ErrInvalidCACertificate is returned when the contents of the loaded CA certificate do not meet our assumptions.
+var ErrInvalidCACertificate = fmt.Errorf("invalid CA certificate")
+
 // Load a certificate authority from an existing certificate and private key (in PEM format).
 func Load(certPath string, keyPath string) (*CA, error) {
 	cert, err := tls.LoadX509KeyPair(certPath, keyPath)
@@ -65,7 +68,7 @@ func Load(certPath string, keyPath string) (*CA, error) {
 		return nil, fmt.Errorf("could not load CA: %w", err)
 	}
 	if certCount := len(cert.Certificate); certCount != 1 {
-		return nil, fmt.Errorf("expected CA to be a single certificate, found %d certificates", certCount)
+		return nil, fmt.Errorf("%w: expected a single certificate, found %d certificates", ErrInvalidCACertificate, certCount)
 	}
 	return &CA{
 		caCertBytes: cert.Certificate[0],

internal/certauthority/certauthority_test.go

@@ -72,7 +72,7 @@ func TestLoad(t *testing.T) {
 			name:     "multiple certs",
 			certPath: "./testdata/multiple.crt",
 			keyPath:  "./testdata/test.key",
-			wantErr:  "expected CA to be a single certificate, found 2 certificates",
+			wantErr:  "invalid CA certificate: expected a single certificate, found 2 certificates",
 		},
 		{
 			name:     "success",