In the observatory, do not add insecure certs to the already_submitted cache

Currently clients only ever submit a cert to the observatory once (unless they clear their history).  However if the observatory sent them a warning about the cert, the client should probably continue to resubmit and display the warning until the cert goes offline.