REGTESTS: ssl: use X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY for cert check

LibreSSL-3.4.2 introduced cert revocation check behaviour change, for some
checks now X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY (20) is returned.

https://github.com/libressl-portable/portable/issues/697

let us modify vtc accordingly

reg-tests/ssl/new_del_ssl_cafile.vtc

@@ -60,7 +60,7 @@ client c1 -connect ${h1_clearlst_sock} {
     rxresp
     expect resp.status == 200
     # The CA file known by the frontend does not allow to verify the client's certificate
-    expect resp.http.X-SSL-Client-Verify == 21
+    expect resp.http.X-SSL-Client-Verify ~ "20|21"
 } -run
 
 # This connection should fail because the with-ca.com sni is not mentioned in the crt-list yet.

reg-tests/ssl/set_ssl_cafile.vtc

@@ -77,7 +77,7 @@ client c1 -connect ${h1_clearlst_sock} {
     rxresp
     expect resp.status == 200
     # unable to verify the client certificate
-    expect resp.http.X-SSL-Client-Verify == 21
+    expect resp.http.X-SSL-Client-Verify ~ "20|21"
 } -run
 
 # Set a new ca-file without committing it and check that the new ca-file is not taken into account
@@ -106,7 +106,7 @@ client c1 -connect ${h1_clearlst_sock} {
     rxresp
     expect resp.status == 200
     # unable to verify the client certificate
-    expect resp.http.X-SSL-Client-Verify == 21
+    expect resp.http.X-SSL-Client-Verify ~ "20|21"
 } -run
 
 haproxy h1 -cli {