Support /etc/pki/tls cert store for older RHEL/Fedora systems

[mrmathematica]

Look for /etc/pki/tls/cert.pem when /etc/ssl/cert.pem is not available on RHEL 8 and Fedora 33 and below.

Fixes #858, #259

[jjhelmus]

LGTM. Thanks for putting this together. I want to build this locally and check on an effected system before merging. Should have a result later today.

[jjhelmus]

I built Python 3.14 with this patch locally and tested in a Fedora 33 Docker container.

I am not seeing the cert bundle in /etc/pki/tls/cert.pem being used without setting the SSL_CERT_FILE environment variable:

./python/install/bin/python -c "import urllib.request; urllib.request.urlopen('https://google.com')"
...
    raise URLError(err)
urllib.error.URLError: <urlopen error [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1081)>

[jjhelmus]

Note that the new location is getting picked up from the patch:

./python/install/bin/python -c "import _ssl; print(_ssl.get_default_verify_paths())"
('SSL_CERT_FILE', '/etc/pki/tls/cert.pem', 'SSL_CERT_DIR', '/etc/ssl/certs')