Implement custom SSL certificate support

[stdevel]

It would be extremely handy, if this role would also support installing Satellite with custom SSL certificates.

Official documentation:

• Satellite Server 6.6
• Satellite Capsule 6.6

NOTE: The procedure differs from Satellite 6.5 where it is required to create a certificate tar ball: official documentation
The question is whether older releases should be still supported as full support for 6.5 already ended and maintenance support will be dropped in Spring 2020: Lifecycle Documentation

Implementation TODOs:

• create variables to supply custom SSL certificate (server_ssl_cert), private key (server_ssl_key) and CA certificate/trust-chain (ca_cert)
• create task to validate chain via katello-certs-check -c <cert> -k <key> -b <ca_cert>
• add parameters to satellite-installer command: --certs-server-cert <cert> --certs-server-key <key> --certs-server-ca-cert <ca_cert>
  • if certificates should be updates in a later step, also add --certs-update-server and --certs-update-server-ca
• OPTIONAL: implement older tasks for Satellite 6.5
• add molecule test for checking whether certificates have been created

[cojmckee]

@stdevel
added this issues to oasis-roles/ansible_collection_satellite
oasis-roles/ansible_collection_satellite#29