Renegotiate TLS -- allow public access with no cert

[timbl]

The server currently asks for a certificate even if it is serving a public page. It should (like node-solid-server now) only ask for a cert when a protected page is asked for. It should re-negotiate the TLS connection in that case from no client cert to client cert level. That fix would prevent the popups which people get whenever a script tries to look up the webid of people on databox.me _

[timbl]

Possibly the problem was that the golang TLS support was not very well developped at the time, and that might have changed.