The Go `crypto/tls` package currently does not support crypto-policies. There have been efforts to upstream this, but they resulted only in a consolidation of the TLS configuration. Note that the consolidation patch will land in Go 1.23.
dueno@redhat.com has put together a proof-of-concept (POC) patch that implements this feature. We need to update this patch to be compatible with Go 1.23 and the consolidated TLS configuration.