- Use /etc/ssl/cert.pem instead of /root/ca-certificates.crt in OpenBSD. It's

  the CA bundle from LibreSSL and is in the base OS. The update is already from
the same upstream.
- Better parsing and cleaning of certificate name, therefore the cerificates
  under /usr/share/ca-certificates are more properly names (not just numbered)
in OpenBSD.
- Use openssl certhash in OpenBSD instead of reimplementing the logic. Only
  available in 5.7 or later, added assertion for that.
- Updated TODO list, tests accordingly.