work around broken letsencrypt setups

a lot of people do not use the right cert file for letsencrypt, so it might be useful to include the intermediate and import it into our trust chain somehow.

this can be noted by seeing things like

19:35:15.267 [info] ['TLS', 32, 'client', 58, 32, 73, 110, 32, 115, 116, 97, 116, 101, 32, 'certify', 32, 'at ssl_handshake.erl:1609 generated CLIENT ALERT: Fatal - Bad Certificate', 10]

in the log