
X509 certificate automation via ACME or Vault issuer

What does this MR do and why?

This MR adds external certificate issuers, i.e. ACME and Vault, to the sylva helm chart.

Adding such an issuer allows the certificates of the exposed interfaces (vault, rancher, etc.) to be managed automatically through an external certificate authority, e.g. Let's Encrypt or the private authority of the company using the Sylva stack.

cc @matrohon

Closes #922

Tests

Deployment CAPO/RKE2 tested with all possible issuers:

  • without an external issuer: checked that the certificates are issued by the internal PKI, as before this MR
  • vault issuer: successfully tested with sylva-ca leveraging an external HashiCorp Vault server with a PKI engine enabled, supporting a certification chain made of a root authority and an intermediate signing authority dedicated to sylva
  • acme issuer:
    • successfully tested on an external HashiCorp Vault PKI engine with ACME enabled
    • tested against the staging environment of Let's Encrypt. Note that the certificate creation cannot succeed because of a DNS resolution issue, i.e. Let's Encrypt can't resolve the DNS names of sylva services on dev platforms
Edited by Pierrick Seite
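As an added illustration (not the MR's own chart values, and not code from the Sylva project), the two issuer kinds described above expressed as cert-manager `ClusterIssuer` objects plus one `Certificate` that consumes them. This assumes Sylva delegates issuance to cert-manager (the MR does not name it); the Vault server URL, PKI mount/role path (`pki_int/sign/sylva`, mirroring the root + dedicated intermediate layout the tests describe), Kubernetes auth role, e-mail, ingress class and hostnames are all placeholders.

```yaml
# Added example: cert-manager ClusterIssuer backed by an external HashiCorp Vault PKI engine.
# Assumption: the intermediate CA dedicated to sylva is mounted at pki_int and exposes a
# signing role named "sylva"; cert-manager authenticates with its service account (Kubernetes auth).
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
  name: sylva-vault-issuer          # placeholder name
spec:
  vault:
    server: https://vault.example.com:8200        # placeholder
    path: pki_int/sign/sylva                      # placeholder: <mount>/sign/<role>
    # Pin the Vault server TLS trust instead of relying on system roots;
    # base64-encoded PEM of the CA that signed Vault's own listener certificate.
    caBundle: LS0tLS1CRUdJTi...                   # placeholder, truncated on purpose
    auth:
      kubernetes:
        role: sylva-cert-manager                  # placeholder Vault role
        mountPath: /v1/auth/kubernetes
        serviceAccountRef:
          name: cert-manager
---
# Added example: cert-manager ClusterIssuer for an ACME CA (Let's Encrypt staging, as in the tests).
# The staging endpoint issues certificates that browsers do not trust; switch to the production
# directory only once validation is known to work for the deployment's DNS names.
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
  name: letsencrypt-staging         # placeholder name
spec:
  acme:
    server: https://acme-staging-v02.api.letsencrypt.org/directory
    email: ops@example.com                        # placeholder
    privateKeySecretRef:
      name: letsencrypt-staging-account-key       # ACME account key, created by cert-manager
    solvers:
      # HTTP-01 requires the CA to resolve the hostname and reach the ingress on port 80,
      # which is exactly what fails on dev platforms without public DNS.
      - http01:
          ingress:
            ingressClassName: nginx               # placeholder ingress class
---
# Added example: a Certificate for one exposed interface; swap issuerRef.name to select the issuer.
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
  name: rancher-tls                 # placeholder
  namespace: cattle-system          # placeholder
spec:
  secretName: rancher-tls
  dnsNames:
    - rancher.sylva.example.com     # placeholder
  duration: 2160h                   # 90 days
  renewBefore: 360h                 # renew 15 days before expiry
  issuerRef:
    name: sylva-vault-issuer        # or letsencrypt-staging
    kind: ClusterIssuer
```

The practical difference between the two issuers is who must be able to reach whom: the Vault issuer only needs cert-manager to reach Vault, so it works on isolated dev platforms, whereas any ACME issuer needs the CA to validate control of the name (HTTP-01 by resolving and fetching from the host, DNS-01 by resolving a TXT record in a publicly delegated zone), which is why the Let's Encrypt staging run above could not complete. To confirm which authority actually signed a deployed interface, inspect the presented chain (for example with `openssl s_client -showcerts -connect <host>:443`) and check that the issuer matches the dedicated intermediate rather than the internal PKI.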
