security/ca_root_nss: Enable certificate verification (for Base OpenSSL)

Enable the ETCSYMLINK option so that SSL certificate verification is
enabled by default for OpenSSL in base.

This change is the third in a set of changes [1][2] that improves the
default configuration and behaviour of client software relying on
OpenSSL for SSL/TLS and certificate verification.

A symlink is installed which points to the root certificate bundle in
the location that OpenSSL in base looks for them, as configured at build
time [2].

This allows any and all software utilising SSL_CTX_load_verify_locations
function to verify SSL certificates by default after installation of
this package.

[1] https://svnweb.freebsd.org/changeset/ports/372629
[2] https://svnweb.freebsd.org/changeset/ports/378720

PR: 189811 196357
Requested by: many
Submitted by: dreamcat4 gmail com
Approved by: maintainer timeout (>1 year)