linkcheck: test invalid SSL is reported as broken

`linkcheck` logic suggests that SSL errors were originally expected to
be ignored.

Blaming the corresponding lines point to issue #3008: linkcheck to
website with self-signed certificates. That issue was fixed by commit
4c7bec6460, which ignored SSL errors.
Probably because back then, users could not specify a CA bundle.

A broken SSL certificate is a real issue, it should not be ignored.
Users wishing to ignore issues for a specific link can use the
`linkcheck_ignore` option.

The current behavior is to report the site as broken, keep it.

tests/roots/test-linkcheck-localserver-https/conf.py

@@ -0,0 +1 @@
+exclude_patterns = ['_build']

tests/roots/test-linkcheck-localserver-https/index.rst

@@ -0,0 +1 @@
+`HTTPS server <https://localhost:7777/>`_

tests/test_build_linkcheck.py

@@ -269,3 +269,23 @@ def test_follows_redirects_on_GET(app, capsys):
         127.0.0.1 - - [] "GET /?redirected=1 HTTP/1.1" 204 -
         """
     )
+
+@pytest.mark.sphinx('linkcheck', testroot='linkcheck-localserver-https', freshenv=True)
+def test_invalid_ssl(app, status, warning):
+    # Link indicates SSL should be used (https) but the server does not handle it.
+    class OKHandler(http.server.BaseHTTPRequestHandler):
+        def do_GET(self):
+            self.send_response(200, "OK")
+            self.end_headers()
+            self.wfile.write(b"ok\n")
+
+    with http_server(OKHandler):
+        app.builder.build_all()
+
+    with open(app.outdir / 'output.json') as fp:
+        content = json.load(fp)
+    assert content["status"] == "broken"
+    assert content["filename"] == "index.rst"
+    assert content["lineno"] == 1
+    assert content["uri"] == "https://localhost:7777/"
+    assert "SSLError" in content["info"]