Rapps Certificate 'pinning' is completely broken:
- We open a NEW connection to request the certificate
- The certificate is checked for ISSUER and SUBJECT INFO
- If a field we want to check is not present, we do not care
- Wrong types are used, cast to whatever we need
Each of these points on their own is already enough to make it completely not work,
and the second point is why we cannot download files with LE certificates.