#229 Add a PEM validity checker and validate SCEP CA files
Merged by rcritten. Opened by rcritten.
rcritten/certmonger bz1492112  into  master

If a non-PEM file was passed into add-scep-ca it would
accept it without question but later fail with:

status: CA_UNREACHABLE
ca-error: Error: failed to verify signature on server response.

Try to do basic validation of user-provided PEM files by:

  • stripping BEGIN/END headers
  • removing newlines and carriage returns
  • using OpenSSL EVP library to base64 decode the block

This isn't fool-proof but it at least does some basic
sanity checking to ensure the file(s) exist and appear
to be PEM files.

The unit tests use some Let's Encrypt CA certificates.

https://bugzilla.redhat.com/show_bug.cgi?id=1492112

Signed-off-by: Rob Crittenden <rcritten@redhat.com>
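
The three validation steps listed in the description, sketched as an added example; this is not certmonger's code. It uses Python's standard `base64` module in place of the OpenSSL EVP decoder, and `check_pem`, `check_pem_file`, `wrap` and the sample inputs are constructed for illustration.

```python
import base64
import binascii
import re

# One PEM block: BEGIN line, body, END line carrying the same label.
PEM_BLOCK = re.compile(
    r"-----BEGIN ([A-Z0-9 ]+)-----\r?\n(.*?)-----END \1-----", re.DOTALL)

def check_pem(text):
    """Return (ok, reason) for PEM text, following the three listed steps."""
    blocks = PEM_BLOCK.findall(text)      # step 1: strip BEGIN/END headers
    if not blocks:
        return False, "no BEGIN/END block found"
    for label, body in blocks:
        b64 = body.replace("\n", "").replace("\r", "")  # step 2: drop CR/LF
        if not b64:
            return False, f"empty {label} block"
        try:
            base64.b64decode(b64, validate=True)        # step 3: strict decode
        except binascii.Error as exc:
            return False, f"{label} block is not valid base64: {exc}"
    return True, f"{len(blocks)} block(s) decoded"

def check_pem_file(path):
    """File wrapper: a missing file or binary (e.g. DER) input fails early."""
    try:
        with open(path, encoding="ascii") as fh:
            return check_pem(fh.read())
    except (OSError, UnicodeDecodeError) as exc:
        return False, f"cannot read as text: {exc}"

def wrap(payload, label="CERTIFICATE"):
    """Build a constructed PEM block around arbitrary bytes (sample data)."""
    body = base64.encodebytes(payload).decode("ascii")
    return f"-----BEGIN {label}-----\n{body}-----END {label}-----\n"

# Constructed samples, not real certificates.
SAMPLES = {
    "well_formed": wrap(b"\x30\x82\x01\x00" + bytes(96)),
    "crlf": wrap(bytes(60)).replace("\n", "\r\n"),
    "plain_text": "this is not a PEM file\n",
    "bad_base64": "-----BEGIN CERTIFICATE-----\nnot*base64!\n-----END CERTIFICATE-----\n",
    # Passes: the check is encoding-level only and does not parse the DER.
    "not_a_cert": wrap(b"hello, this is not a certificate"),
}

if __name__ == "__main__":
    for name, text in SAMPLES.items():
        print(name, check_pem(text))
```

The `not_a_cert` sample is accepted because only the encoding is checked, which is the sense in which the description calls the check not fool-proof.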

Ran this change through Coverity. Addressing some issues it turned up.

rebased onto d9e1e2808c251abb8257998979b125ba87184c31

rebased onto 94e09df2a6baf50558cf66ac9c035fb0865d8b43

rebased onto f986d5a1468101b33b2ad0044fd2ca0bb9a738a0

rebased onto fe0b1a212b0448d5c34deac9ad8a30f45c7f0a65

Pull-Request has been merged by rcritten