BUG/MINOR: ssl: Fix crash in 'update ssl ocsp-response' CLI command

BUG/MINOR: ssl: Fix crash in 'update ssl ocsp-response' CLI command

This CLI command crashed when called for a certificate which did not
have an OCSP response during startup because it assumed that the
ocsp_issuer pointer of the ckch_data object would be valid. It was only
true for already known OCSP responses though.
The ocsp issuer certificate is now taken either from the ocsp_issuer
pointer or looked for in the certificate chain. This is the same logic
as the one in ssl_sock_load_ocsp.

This patch does not need to be backported.