Allow user to provide certs for OpenShift

[jaredhocutt]

Currently, LetsEncrypt is used to generate certs for the OpenShift API and a wildcard for the OpenShift router. However, LetsEncrypt only allows 50 certs per week to be generated per base doman (i.e. redhatgov.io) which was hit this week.

I have already added support to disable LetsEncrypt cert generation by setting letsencrypt_cert_generation to no. To be able to work around this issue for now.

Having an option for the user to specify a cert to use instead of generating them would be beneficial when many clusters are being spun up so that a single cert that serves all hosts can be used instead of creating an individual cert for each cluster.

[deversmann]

In the mean time, NAPS also appears to have ansible.io in the Route53 managed domains. Maybe some of us could try to use it too. Spread the love and all.