ipaserver: Add support for external signed CA

This adds support for the --external-ca option to ipaserver. Lots of
additional tests and checks from ServerInstallInterface.__init__ have
been added to ipaserver_test. Also duplicate tests cna checks have been
removed.

Installer settings in ansible_ipa_server module_util are now also set
to the defaults that are used in Installable, ServerInstallInterface,
ServerMasterInstall, ADTrustInstallInterface and Uninstall.

The /root/ipa.csr file generated on the node in ca.install_step_0 will
be copied to the controller as "{{ inventory_hostname }}-ipa.csr".

The new task file copy_external_cert.yml has been added to copy the
generated certificate defined in ipaserver_external_cert_files to the node
to continue with ca.install_step_1.

The tasks/install.yml file has been adapted to make sure that the steps
that will be done in step two will be skipped after step one has been
done.

roles/ipaserver/library/ipaserver_prepare.py

@@ -97,7 +97,9 @@ def main():
             ### ssl certificate ###
             ### client ###
             ### certificate system ###
-            external_ca=dict(required=False),
+            external_ca=dict(required=False, type='bool'),
+            external_ca_type=dict(required=False),
+            external_ca_profile=dict(required=False),
             external_cert_files=dict(required=False, type='list', default=[]),
             subject_base=dict(required=False),
             ca_subject=dict(required=False),
@@ -152,6 +154,9 @@ def main():
     #options.no_ntp = ansible_module.params.get('no_ntp')
     ### certificate system ###
     options.external_ca = ansible_module.params.get('external_ca')
+    options.external_ca_type = ansible_module.params.get('external_ca_type')
+    options.external_ca_profile = ansible_module.params.get(
+        'external_ca_profile')
     options.external_cert_files = ansible_module.params.get(
         'external_cert_files')
     options.subject_base = ansible_module.params.get('subject_base')