
Improvement to client function certimportdir(v9) #775

Open
wants to merge 2 commits into main

Conversation

Stueypoo
Contributor

Describe your changes

Two main changes:

  • Added an option to use an alternate CA certificate.

When importing certificates into a newly migrated CA, the code performs a certificate verification based upon the CA's certificate that is stored in the DB. A problem with this occurs when the certificates being imported had been issued from the CA's previous certificate (i.e., the CA has been renewed).

To remedy this, I added a "--cacert" option that allows the Operator to provide the CA's previous certificate that will then be used to verify the certificate being imported.

  • Added an option to get the revocation details from the filename.

When importing revoked certificates, the Operator should supply the revocation REASON and INVALIDITY_TIME to ensure the CA can generate the CRL with the same contents. However, this means the Operator will have to perform each certificate import manually.

To import revoked certificates in bulk, one idea is to have the REASON and TIME value encoded within the filename of each certificate. The code would then extract these revocation details and apply them as each certificate is imported.

The filename convention is: CertName!REASON!TIME, where:

  1. REASON is the reason code value or the name. e.g., for suspended certs, use either "6" or "CERTIFICATEHOLD" or "CERTIFICATE_HOLD"
  2. TIME format is YYYY.MM.DD-hh.mm

How has this been tested?

A system test has been amended to test these changes:
ant test:runone -Dtest.runone=CaImportCertDirCommandSystemTest

Checklist before requesting a review

  • [x] I have performed a self-review of my code
  • [x] I have kept the patch limited to only change the parts related to the patch
  • [ ] This change requires a documentation update

NOTE: This pull request is to replace #711
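The filename convention above is the part of this PR an operator is most likely to get wrong in a bulk import, so here is an added example (not EJBCA code and not the contributor's patch) of a pre-flight check that parses `CertName!REASON!TIME` names before anything is imported. It is written in Python rather than the project's Java for brevity. Assumptions not stated in the PR: reason names are matched after upper-casing and dropping underscores (which makes both `CERTIFICATEHOLD` and `CERTIFICATE_HOLD` resolve to 6), the reason code table is the CRLReason enumeration from RFC 5280, the TIME value carries no time zone, and a filename without exactly two `!` separators is treated as an ordinary certificate with no revocation details.

```python
"""Pre-flight parser for the CertName!REASON!TIME filename convention.

Added illustration, not EJBCA code. Assumptions: reason names are matched
after upper-casing and removing underscores; TIME has no time zone; a
filename with no '!' carries no revocation details.
"""
from dataclasses import dataclass
from datetime import datetime
from typing import Optional

# CRLReason codes from RFC 5280 section 5.3.1 (value 7 is unused there).
CRL_REASONS = {
    0: "UNSPECIFIED",
    1: "KEYCOMPROMISE",
    2: "CACOMPROMISE",
    3: "AFFILIATIONCHANGED",
    4: "SUPERSEDED",
    5: "CESSATIONOFOPERATION",
    6: "CERTIFICATEHOLD",
    8: "REMOVEFROMCRL",
    9: "PRIVILEGEWITHDRAWN",
    10: "AACOMPROMISE",
}
# Reverse map so "CERTIFICATE_HOLD" and "certificatehold" both resolve to 6.
_NAME_TO_CODE = {name: code for code, name in CRL_REASONS.items()}

TIME_FORMAT = "%Y.%m.%d-%H.%M"  # YYYY.MM.DD-hh.mm, as stated in the PR


@dataclass(frozen=True)
class RevocationDetails:
    cert_name: str
    reason_code: int
    invalidity_time: datetime


def parse_reason(token: str) -> int:
    """Accept a numeric reason code or a reason name (case and underscores ignored)."""
    token = token.strip()
    if token.isdigit():
        code = int(token)
        if code not in CRL_REASONS:
            raise ValueError(f"unknown CRL reason code {code}")
        return code
    normalized = token.upper().replace("_", "")
    if normalized not in _NAME_TO_CODE:
        raise ValueError(f"unknown CRL reason name {token!r}")
    return _NAME_TO_CODE[normalized]


def parse_filename(filename: str) -> Optional[RevocationDetails]:
    """Return the revocation details encoded in a filename, or None for a plain name.

    A filename that uses the separator but is malformed raises ValueError, so a
    bulk run stops on the bad entry instead of silently importing that
    certificate as unrevoked with the wrong CRL contents.
    """
    parts = filename.split("!")
    if len(parts) == 1:
        return None  # ordinary certificate file, nothing to revoke
    if len(parts) != 3 or not all(parts):
        raise ValueError(f"expected CertName!REASON!TIME, got {filename!r}")
    cert_name, reason_token, time_token = parts
    reason_code = parse_reason(reason_token)
    try:
        invalidity_time = datetime.strptime(time_token, TIME_FORMAT)
    except ValueError as exc:
        raise ValueError(f"bad TIME in {filename!r}: {exc}") from exc
    return RevocationDetails(cert_name, reason_code, invalidity_time)


def check_directory_names(names) -> dict:
    """Classify every filename: details, None (plain cert) or an error message."""
    outcome = {}
    for name in names:
        try:
            outcome[name] = parse_filename(name)
        except ValueError as exc:
            outcome[name] = str(exc)
    return outcome


if __name__ == "__main__":
    # Constructed sample filenames; not from any real CA.
    samples = [
        "server01!6!2024.03.15-09.30",
        "server02!CERTIFICATE_HOLD!2024.03.15-09.30",
        "server03!keyCompromise!2024.03.16-17.45",
        "server04",
        "server05!7!2024.03.15-09.30",      # 7 is not a CRLReason value
        "server06!6!2024.02.30-09.30",      # 30 February does not exist
    ]
    for name, result in check_directory_names(samples).items():
        print(f"{name:45} -> {result}")
```

Running the check over a directory listing before the real import surfaces unknown reason codes and impossible dates up front; the two deliberately broken sample names above come back as error strings rather than as revocation details.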

Added ability to provide an alternate CA certificate (for renewed CAs) and allow revocation details to be derived from the filename.
Added additional tests for changes to the associated client function.