New certificate storage does not obey `security.nocertdb`
As mentioned in #33534 (comment 2683533) there is a new certificate storage mechanism
where data is stored under profiledir/security_state/
which is not
disabled by Tor Browser setting security.nocertdb
= true
.
Thanks to a cypherpunk for the reminder to file the ticket.