Allow custom .p12 certificates

[pauliusuza]

This patch enables signing OSX apps with custom .p12 certificates issued by trusted CA.

Added:

• Environment variable CSA_LINK
• config.csaLink option
• config.csaLink falls back to Apple CA by default

[mention-bot]

By analyzing the blame information on this pull request, we identified @develar to be a potential reviewer

[develar]

@pauliusuza A means Authority? You have a good CA — only one certificate in the chain :) Maybe in the future we should allow to specify several (separated by comma in the CSA_LINK), but for now it is ok.

[develar]

Blocked on #208 and #218. PR can be accepted, but release version cannot be published.

@pauliusuza Could you please

• squash commits into one.
• rewrite commit message according to commit message format (hint: your PR is a feat).

[pauliusuza]

I use a digicert certificate for signing my app locally - works like a charm.

When setting my build process up, I had to do this for the warning in the keychain to go away: https://www.digicert.com/code-signing/mac-verifying-code-signing-certificate.htm#remove_warning

On the travis server, the error was a bit more cryptic
Error: Command failed: codesign --deep --force --sign [redacted] issuer= /Users/travis/build/app/dist/App-darwin-x64/App.app --keychain csc-c57662187e0fe8e7.keychain

You can notice the issuer= is empty. I figured it must be the same issue.
I'll squash the commits now. Thanks.

[pauliusuza]

@develar #208 and #218 are no longer a problem. LGTM?

[develar]

@pauliusuza PR will be merged and new version will be published in a few hours.

[pauliusuza]

@develar amazing, thank you.

[develar]

@pauliusuza Thanks a lot! You save me a lot of time.

Please confirm — do you sign OS X using non-Apple cert? Does it work?

Also, I think we can import digicert by default, so, users will not have to do it explicitly. What do you think?