Rotate AutoTLS CAs

[nightkr]

Description

Fixes #93

Definition of Done Checklist

• Not all of these items are applicable to all PRs, the author should update this template to only leave the boxes in that are relevant
• Please make sure all these things are done and tick the boxes

# Author
- [x] Changes are OpenShift compatible
- [x] Helm chart can be installed and deployed operator works
- [ ] Integration tests passed (for non trivial changes)
- [x] Changes need to be "offline" compatible

# Reviewer
- [x] Code contains useful comments
- [ ] (Integration-)Test cases added
- [x] Documentation added or updated. Follows the [style guide](https://docs.stackable.tech/home/nightly/contributor/style-guide).
- [x] Changelog updated
- [x] Cargo.toml only contains references to git tags (not specific commits or branches)

# Acceptance
- [ ] Feature Tracker has been updated
- [ ] Proper release label has been added

[nightkr]

It works:tm:, still need to do docs and configuration.

[nightkr]

Not sure how to test this properly, "just let the test wait for two years" obviously isn't a viable strategy.

We could at least test certificate selection by setting up some static certificates in the test suite, but having them be completely static wouldn't work either (since the correct certificate to choose depends on the system time).

[sbernauer]

Great work! Tested manually by lowering the constant times and successfully rolled over 👍

[sbernauer]

Code LGTM and seems to work.

I would prefer having kuttl tests for this (#354 might help), as we will probably never run into CA rollovers in our tests, but I can see this being hard...

[nightkr]

Created #355 for the testing.