In Citrix XenServer, the hosts have SSL private keys and certificates, but
those certificates are not signed by any certificate authority.  So we
must provide a way to avoid checking certificates against a CA if we want
other OVS tools to be able to talk to XenServer hosts over SSL.  This
commit makes that possible.