feat: Implement new certificate generation service

- Refactor certificate generation into a dedicated service object
- Add Base64 encoding for p12 binary data storage
- Implement serial number generation and storage
- Remove deprecated certificate generation code
- Simplify certificate status checks
- Update certificate controller to use new generator
- Add proper password handling for p12 containers

The main changes include:
- Moving certificate generation logic to CertificateGenerator service
- Proper handling of binary data encoding
- Implementing serial number tracking for future CRL support
- Removing old certificate generation and validation code
- Simplifying the certificate lifecycle management

This commit provides a more maintainable and robust certificate
generation system while preparing for future CRL implementation.
oleghasjanov 2025-03-13 15:01:17 +02:00
parent d0f247c61c
commit 0925fa4d4b
8 changed files with 104 additions and 453 deletions


@ -74,24 +74,11 @@ class ApiUser < User
end
def pki_ok?(crt, com, api: true)
Rails.logger.info '====== incoming params ======'
Rails.logger.info "crt: #{crt}\n\n"
Rails.logger.info "com: #{com}\n\n"
Rails.logger.info "api: #{api}\n\n"
Rails.logger.info "====== incoming params ======\n\n"
return false if crt.blank? || com.blank?
Rails.logger.info '====== handler ======'
origin = api ? certificates.api : certificates.registrar
Rails.logger.info "origin: #{origin}\n\n"
cert = machine_readable_certificate(crt)
Rails.logger.info "cert: #{cert}\n\n"
md5 = OpenSSL::Digest::MD5.new(cert.to_der).to_s
Rails.logger.info "md5: #{md5}\n\n"
Rails.logger.info "====== handler ====== \n\n\n"
origin.exists?(md5: md5, common_name: com, revoked: false)
end
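Review bot: `pki_ok?` still identifies the client certificate by an MD5 digest of its DER encoding (`md5 = OpenSSL::Digest::MD5.new(cert.to_der).to_s`, then `origin.exists?(md5: md5, common_name: com, revoked: false)`). MD5 is not collision resistant, so it is a weak basis for an authentication lookup. Since the commit message says this change introduces serial number storage, consider matching on a SHA-256 fingerprint (`OpenSSL::Digest::SHA256`) in a new column, or on the stored serial, and keep the `md5` column only for migrating existing rows. Separately, the `Rails.logger.info` calls that write `crt`, `com` and the parsed `cert` at info level should not survive this hunk. The header counts (24 lines down to 11) suggest they are being dropped, but the +/- markers are not visible here, so please confirm that none of them remain.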