Thanks for continuing to look into this.
If it's missing in current and recently replaced AMIs, it most definitely is a Wowza issue: the AMIs as packaged are broken, because SSL client connections cannot validate against the installed CA certificates. That's been my point all along.
rpm -V reports that it was removed from the RPM as distributed by Amazon:
It's also present in the (presumably) upstream Amazon Linux 2013.09 AMI. You can test the difference by doing the following on a Wowza AMI and an Amazon Linux AMI:
[ec2-user@ip-10-x-y-z tls]$ rpm -V ca-certificates-2010.63-3.7.amzn1.noarch
Wowza, before /etc/pki/tls/cert.pem is fixed:
Amazon Linux, or Wowza with proper /etc/pki/tls/cert.pem: