Improved documentation for signing/encryption keys. #986

Open: 1 commit to merge into base: master

@dino8890 commented May 10, 2025

These are improvements to the documentation regarding signing and encryption keys, related to issue #985.

This is still WIP as I need to investigate how tmp_cert_file and tmp_cert_key are being used. I determined that this is the path where the keys are generated, but I am not sure what the generated keys are being used for.

I investigated Entity, SecurityContext and CryptoBackend to gather information on this, but someone can review this and see if I made a mistake.

Kind regards

@dino8890 (Author)

Update:

It seems that certificate generation is broken, and possibly not usable at all. Configuring tmp_cert_file, tmp_key_file and enabling generate_cert_info breaks the service. This functionality relies on cert_handler_extra_class configuration which is undocumented, and as of right now unused. It's None by default, and it appears to be some kind of interface, with no explanation of what it should do.

This is supposed to be used by SecurityContext, its CertHandler, specifically the CertHandler.update_cert method.

Perhaps somebody more familiar with the code base should look into this as a separate issue, but the changes made so far are independent and can be merged.
