Make OCSP cert id code tolerate a missing issuer certificate