This commit implements a mechanism to load CA configuration dynamically from
JSON files. Missing keys and certificates can be generated in a PKCS#11 HSM
or Smartcard. Certificates are stored as PEM encoded .crt files in the
filesystem.
The default PKCS#11 module (softhsm2) is now loaded from a platform specific
path using go:build comments.
- add documentation how to initialize SoftHSM for testing
- add cmd/signer package to hold future signer command
- add test to use a private key from softhsm to create a root
certificate