[WIP] Improve SSL support

[3flex]

I intend to open a PR to address several open tickets related to SSL in this module.

Target issues:

• ssl certificates #404 - ssl certificates
• Storing SSH Keys and Certs in Hiera #286 - Storing SSH Keys and Certs in Hiera
• SSL Cert/Key Template #126 - SSL Cert/Key Template
• Subdir for ssl certs #80 - subdir for SSL certs

Target PRs (will update and consolidate):

• ssl_crl option support added #493 - ssl_crl option support added

People have asked for:

1. Creating cert/key files based on cert/key data that is stored in hiera
2. Having a configurable directory for SSL cert/key storage, but not changing other functionality the module provides.
3. Not copying SSL keys around as the module currently does

The simplest thing IMHO is for this module to reference the filename of the certificate and key, and rely on the user to create the files however they choose. They can create files based on hiera data (would require a small bit of custom code), manually or using a companion module like camptocamp/openssl.

I don't think any kind of SSL key management should be part of the scope of this module. Comments welcome! I'll wait for rough consensus before changing anything there.

[jfryman]

I don't think any kind of SSL key management should be part of the scope of this module.

Absolutely. When I added SSL management early on, there really wasn't another option and was a great way to bootstrap for testing. However, it's been used in tons of unintended ways in production scenarios. This is some good debt to start hacking at.