* Certificate fingerprint length functions return an "int", so use an
int when calculating the length
* Clean up the OpenSSL certificate fingerprint if() and indentation mess
These operate on the SubjectPublicKeyInfo of the certificate, which does
change unless the private key is changed. This allows the fingerprint to
stay constant even if the certificate is reissued.
(The same fingerprint is also used by DANE)