Update the extracted cURL SSL CA bundle
This default CA bundle file hasn't been updated since 2016. Update it to the current cURL extraction.
I believe this is notably impactful because of a new "Let's Encrypt" certificate, but didn't hunt down the particulars.
Confirmed the hash matches the published hash:
$ openssl dgst -sha256 resources/ssl/default.pem SHA256(resources/ssl/default.pem)= ae31ecb3c6e9ff3154cb7a55f017090448f88482f0e94ac927c0c67a1f33b9cf
This assurance is fairly meaningless since both the hash and file are published on curl.se. It didn't get corrupted by stellar radiation before it made it into Git, at least?
Differential Revision: https://secure.phabricator.com/D21739