weboob.browser.nss: allow hardcoding the expected certificate

Since NSS doesn't implement AIA (Authority Information Access) for
incomplete certificate chain, a workaround can be to hardcode the
expected certificate.
In a Browser, the VERIFY field should be set to the expected certificate
path.