Fix assert in MapVerifyErrorToChainStatus from DigiCert CRLs

Fix assert in MapVerifyErrorToChainStatus from DigiCert CRLs

* Define all of the X509_V_ERR* values form OpenSSL 1.0/1.1
* Exempt X509_V_ERR_DIFFERENT_CRL_SCOPE from being reported, as it is redundant to X509_V_ERR_UNABLE_TO_GET_CRL
* The remaining new X509_V_ERR* codes will still trip the assert, largely because
they should be behind option flags that we don't enable.

This change also makes the CRL cache entry also consider the specific CDP URL:

DigiCert currently has at least two distinct CRLs running for the same CA
(C = US, O = DigiCert Inc, CN = DigiCert SHA2 Secure Server CA)
* URI:http://crl3.digicert.com/ssca-sha2-g5.crl
* URI:http://crl3.digicert.com/ssca-sha2-g6.crl

Using the current cache name strategy, just a hash of the CA name, some of the
certs get meaningful revocation, and others do not.

Now the file name will be {ca name hash}.{url hash}.crl, enabling the DigiCert
scenario.  Upgrading across this change will cause CRLs to be re-downloaded,
but that's a thing that happens over time anyways.

Commit migrated from https://github.com/dotnet/corefx/commit/95bbbcd9f85aecd29df0e47b2aa3b65f0fac71a2