local-unbound-setup: Use default root certificates

Don't force /etc/ssl/cert.pem.  It does not exist by default, only if
security/ca_root_nss is installed.  Just use the default OpenSSL search
locations which are /etc/ssl/cert.pem and /etc/ssl/certs/.

The tls-system-cert option was added in Unbound 1.16.0.

Reviewed by:	zlei
MFC after:	3 days
Differential Revision:	https://reviews.freebsd.org/D38243

usr.sbin/unbound/setup/local-unbound-setup.sh

@@ -260,7 +260,7 @@ gen_unbound_conf() {
 	echo "        pidfile: ${pidfile}"
 	echo "        auto-trust-anchor-file: ${anchor}"
 	if [ "${use_tls}" = "yes" ] ; then
-		echo "        tls-cert-bundle: /etc/ssl/cert.pem"
+		echo "        tls-system-cert: yes"
 	fi
 	echo ""
 	if [ -f "${forward_conf}" ] ; then