gnutls_x509_trust_list_verify_crt2: skip duplicated certs for PKCS#11 too

The commit 09b40be6 (part of !1370 (merged)) didn't cover the case where the trust store is backed by PKCS#11, because it used _gnutls_trust_list_get_issuer, which only works with file based trust store.

This patch replaces the call with more generic gnutls_x509_trust_list_get_issuer so it also works with other trust store implementations.

Reported by Michal Ruprich.

Checklist

• Commits have Signed-off-by: with name/author being identical to the commit author
• Code modified for feature
• Test suite updated with functionality tests
• Test suite updated with negative tests
• Documentation updated / NEWS entry present (for non-trivial changes)
• CI timeout is 2h or higher (see Settings/CICD/General pipelines/Timeout)

Reviewer's checklist:

• Any issues marked for closing are addressed
• There is a test suite reasonably covering new functionality or modifications
• Function naming, parameters, return values, types, etc., are consistent and according to CONTRIBUTION.md
• This feature/change has adequate documentation added
• No obvious mistakes in the code