caucase.http: Accept user certificates signed by non-current CA.
Otherwise, client certificates issued before a new CA is used get rejected once the new CA becomes current.
Otherwise, client certificates issued before a new CA is used get rejected once the new CA becomes current.