Issue 466 preparation.

Each instance has an associated public-private key-pair called the "instance key". The collection of public-key certificates from all instances forms an ADS-domain truststore. Secure replication uses this truststore in its TLS setup.

The instance key is maintained by the local instance using a new "truststore" backend type that manages a local keystore file. The backend is induced to generate and self-sign a key when an entry with a special dn is written to it.  Once the truststore has been so initialized, the public-key certificate can be retrieved with an LDAP search operation.

This change adds a method to the ADSContext to retrieve the instance key public-key certificate from the instance to which the context is bound, and set a field in the context with the cert. The method detects if it needs to induce the backend to produce the key. A subsequent change will publish the key in ADS.  For now (until Andy commits the truststore backend code), the attempt to retrieve the key is guarded by a check for the ads-truststore backend's presence.

There is also some minor cleanup of existing code, and some additional code related to upcoming CryptoManager related ADS setup.

M      src/ads/org/opends/admin/ads/ADSContext.java

Tests:

In addition to the precommit target, I've run the following setup scenarios using the OfflineInstaller:

1) Setup standalone server with data; setup new server as part of existing replication. Then the new server setup configures replication, ADS, and initializes suffixes on both instances.

2) Setup initial replicated server with data; setup new server as part of existing replication.