NEHotspotEAPSettings setTrustedServerCertificates returning "invalid certificate data type"

I am currently working on an app that programmatically connects to wifi hotspot.

I have a root and intermediate certificate and I'm trying to add them using setTrustedServerCertificates but xcode is returning "NEHotspotEAPSettings invalid certificate data type"

NOTE: caCert and intCert are both SecCertificateRef objects

Here's my code

    let clientCert = RSAUtils.getClientCertificate(targetPemFile: "client-cert")
    let caCert = RSAUtils.getClientCertificate(targetPemFile: "ca.crt")
    let intCert = RSAUtils.getClientCertificate(targetPemFile: "int.crt")

    KeychainUtils.addToKeychain(certificate: clientCert!, withLabel: "Client-Cert")
    KeychainUtils.addToKeychain(certificate: caCert!, withLabel: "CA-Cert")
    KeychainUtils.addToKeychain(certificate: intCert!, withLabel: "Int-Cert")

    if let filepath = Bundle.main.path(forResource: "client-key", ofType: "pem") {

      do {
        var contents = try! String(contentsOfFile: filepath)

        // remove the header string
        let offset = String("-----BEGIN PRIVATE KEY-----").count
        let index = contents.index(contents.startIndex, offsetBy: offset+1)
        contents = String(contents.suffix(from: index))

        // remove the tail string
        let tailWord = "-----END PRIVATE KEY-----"
        if let lowerBound = contents.range(of: tailWord)?.lowerBound {
          contents = String(contents.prefix(upTo: lowerBound))
        }

        contents = contents.replacingOccurrences(of: "\n", with: "")

        let data = NSData(base64Encoded: contents, options:NSData.Base64DecodingOptions.ignoreUnknownCharacters)!
        let strippedData = try! RSAUtils.stripPrivateKeyHeader(data as Data)

        var privateKey: SecKey?
        let attributes = [kSecAttrKeyType: kSecAttrKeyTypeRSA, kSecAttrKeyClass: kSecAttrKeyClassPrivate, kSecAttrKeySizeInBits: 1024] as CFDictionary
        var error: Unmanaged<CFError>? = nil

        privateKey = SecKeyCreateWithData(strippedData! as CFData, attributes, &error)

        let ssidSting = "K3Yhotspot-1"
        let hotspotEAPSettings = NEHotspotEAPSettings()
        hotspotEAPSettings.isTLSClientCertificateRequired = true

        let caCert = KeychainUtils.retrieveCertificate(certificateLabel: "CA-Cert")
        let intCert = KeychainUtils.retrieveCertificate(certificateLabel: "Int-Cert")
        hotspotEAPSettings.ttlsInnerAuthenticationType = .eapttlsInnerAuthenticationEAP
        hotspotEAPSettings.supportedEAPTypes = [NEHotspotEAPSettings.EAPType.EAPTLS.rawValue as NSNumber]
        hotspotEAPSettings.setTrustedServerCertificates([caCert, intCert])

        //hotspotEAPSettings.setIdentity(SecIdentity) // Still need to add identity here

        let hotspotConfig = NEHotspotConfiguration(ssid: ssidSting, eapSettings: hotspotEAPSettings)

        NEHotspotConfigurationManager.shared.apply(hotspotConfig) {[unowned self] (error) in
          if let error = error {
           print("error = ",error)
          }
          else {
           print("Success!")
          }
        }
      }
    }