ssl_multicert.config -> ssl_multicert.yaml

[bneradt]

Replace the ssl_multicert.config format with YAML format, following the pattern established by sni.yaml. The new ssl_multicert.yaml uses a top-level 'ssl_multicert' key containing a sequence of certificate entries.

This also includes a Python migration script for converting existing configs.

---

Community Decisions

• [ ] Do we want these conversion scripts to be python or c++ files? This PR implements it as Python and that's my recommendation because I feel it is more versatile. But it wouldn't be hard to implement the conversion tool as a c++ program.
• [ ] Do we want to support both the old and new formats at the same time? At 10.x, we transitioned to only supporting records.yaml, so we have that as maybe something of a precedent. This PR just supports the new, but we have to decide on our policy for the old formats for 11.

At least for ssl_multicert, either of these options are possible from an implementation standpoint.

@cmcfarlen had an interesting suggestion to bake the config conversion logic into traffic_ctl. Maybe have something like:

traffic_ctrl config convert ssl_multicert|plugins|... <old_path> <new_path>