Process x509 private keys and certificates as parameters

[luto]

Introduce two new parameter types x509certificate and x509key. Each should load a certificate- or key-file into memory for further processing. Make sure that the file is actually valid before passing it to ansible. Also conditionally validate the certificate against a given trust store. Pass the raw data encoded in PEM as well additional, parsed information like a list of domains the certificate is valid for or its expiry date.

Should be built upon the work already done in the x509-branch.

• optionally validate the certificate against the system bundle or a given one
• optionally check domain format using domain type