Drop crl and get rid of api.turris.cz in tests
We are replacing crl with ocsp and from that point of view is crl obsoleted and shouldn't be used. To force better security standards we should drop support for it. Part of this is also to drop all updater.pem usages in tests and that way api.turris.cz.