brave-browser
Allow self-signed certificates for P3A star-randsrv requests
Once key sync is enabled in the randomness server, star-randsrv-v2.bsg.brave.com will be available with a self-signed certificate. As per internal discussion, it was decided that using a self-signed cert would be easier than acquiring one via ACME when using the new key sync scheme.
star-randsrv.bsg.brave.com will be available with an ACM certificate for backwards compatibility, which will proxy requests to the new instances. Attestation will not be available with this host since we cannot guarantee confidentiality with external certificates.
Once the BraveP3AConstellationEnclaveAttestationV2 is enabled via variations, the client will send requests to the v2 server and the enclave will be attested.