pkictl
Use openssl random serial for certs
OpenSSL provides a secure built-in way of generating random serials for certificates, which avoids possible conflicts.
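An added example, not code from this pull request or from pkictl: it issues two certificates from a throwaway CA and lets `openssl x509 -req -CAcreateserial` choose each serial at random, then checks that the serials differ. Which OpenSSL mechanism the change itself uses is not shown on this page, so that choice is an assumption, as are the function names, subjects and file names.

```shell
# Added example, not pkictl code. Subjects and file names are constructed.

# Create a throwaway self-signed CA in directory $1.
make_ca() {
  openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=Example Test CA" \
    -keyout "$1/ca.key" -out "$1/ca.crt" 2>/dev/null
}

# Issue a leaf certificate for CN $2 from the CA in $1; print its serial in hex.
# The serial file does not exist when openssl runs, so -CAcreateserial makes
# openssl generate a random serial; no "last number issued" has to be tracked.
# The file is removed afterwards so the next call is random again, not +1.
issue_cert() {
  dir=$1; cn=$2
  openssl req -new -newkey rsa:2048 -nodes -subj "/CN=$cn" \
    -keyout "$dir/$cn.key" -out "$dir/$cn.csr" 2>/dev/null &&
  openssl x509 -req -in "$dir/$cn.csr" -CA "$dir/ca.crt" -CAkey "$dir/ca.key" \
    -CAserial "$dir/tmp.srl" -CAcreateserial -days 1 \
    -out "$dir/$cn.crt" 2>/dev/null &&
  rm -f "$dir/tmp.srl" &&
  serial=$(openssl x509 -in "$dir/$cn.crt" -noout -serial) &&
  printf '%s\n' "${serial#serial=}"
}

# Issue two certificates from one CA; print both serials and succeed only if
# they are non-empty and different.
distinct_serials() {
  work=$(mktemp -d) || return 1
  make_ca "$work" &&
    a=$(issue_cert "$work" first.example) &&
    b=$(issue_cert "$work" second.example)
  rc=$?
  rm -rf "$work"
  [ "$rc" -eq 0 ] && [ -n "$a" ] && [ "$a" != "$b" ] &&
    printf '%s\n%s\n' "$a" "$b"
}
```

Calling `distinct_serials` prints the two serials, one per line, and returns non-zero if issuance fails or the serials match.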
@ruimarinho I'm curious and forgive my ignorance, but does this improve security? To avoid disclosing information regarding the serials? Improve reliability through avoiding collisions?
@holmboe I think this was simply moving the responsibility of managing the serials to openssl, nothing else. I am not aware of any security implication of the current behaviour (before merge).