Generate self-signed certificate when https is enabled

Currently the self-signed certificate used as the REST API/GUI
server certificate for the first time HTTPS is enabled is generate
at build time and embedded in the ISO. This will make it expire less
than a year from the date the system is installed.

This change removed the certificate generation at build time, instead
generate it at the first time HTTPS is enabled.

Closes-Bug: 1944438
Depends-On: https://review.opendev.org/c/starlingx/config/+/810263
Signed-off-by: Andy Ning <andy.ning@windriver.com>
Change-Id: I7835534c11df3b03ea8e6f6ea7e88878386bcc12

security/stx-ssl/centos/build_srpm.data

@@ -1,2 +1,2 @@
-COPY_LIST="$PKG_BASE/files/* $PKG_BASE/LICENSE $PKG_BASE/server-csr.conf"
+COPY_LIST="$PKG_BASE/files/* $PKG_BASE/LICENSE"
 TIS_PATCH_VER=PKG_GITREVCOUNT+8

security/stx-ssl/centos/wrs-ssl.spec

@@ -6,10 +6,8 @@ License: Apache-2.0
 Group: base
 Packager: Wind River <info@windriver.com>
 URL: unknown
-BuildRequires: openssl
 
 Source0: LICENSE
-Source1: server-csr.conf
 Source2: tpmdevice-setup
 
 %description
@@ -20,13 +18,8 @@ rm -rf $RPM_BUILD_ROOT
 
 RPM_BUILD_DIR_PKG="%{name}-%{version}"
 mkdir -p $RPM_BUILD_DIR_PKG
-CSRCONF="$RPM_BUILD_DIR_PKG/server-csr.conf"
 PEMFILE="$RPM_BUILD_DIR_PKG/self-signed-server-cert.pem"
-cp %{SOURCE1} $CSRCONF
-# generate a self signed default certificate
-/usr/bin/openssl req -new -x509 -sha256 -keyout $PEMFILE -out $PEMFILE -days 365 -nodes -config $CSRCONF
 mkdir -p $RPM_BUILD_ROOT/%{_sysconfdir}/ssl/private
-install -m 400 $PEMFILE $RPM_BUILD_ROOT/%{_sysconfdir}/ssl/private/self-signed-server-cert.pem
 
 mkdir -p $RPM_BUILD_ROOT/%{_sbindir}
 install -m 700 %{SOURCE2} $RPM_BUILD_ROOT/%{_sbindir}/tpmdevice-setup

security/stx-ssl/server-csr.conf

@@ -1,8 +0,0 @@
-[ req ]
-default_bits           = 1024
-distinguished_name     = req_distinguished_name
-prompt                 = no
-
-[ req_distinguished_name ]
-CN                     = StarlingX
-