simplesamlphp-module-oidc
Enable defining multiple key / cert pairs for key rollover scenarios
Currently, the oidc module supports configuring a single private key / certificate pair.
We should consider enabling support to define multiple, or at least old / new, private key and certificate pairs to make it easier for RPs to check in advance for available certs on the JWKS URI for signature checks of ID tokens...
Example key rollover for SAML in SimpleSAMLphp: https://simplesamlphp.org/docs/latest/saml/keyrollover.html
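
The rollover scenario from the issue, as an added example that is not code from simplesamlphp-module-oidc: an RP that cached the JWKS before the OP switched signing keys can verify a token signed with the new key only if that key was already published next to the old one. The helper names, the `kid` derivation, the issuer URL and the claims are constructed for illustration, and claim checks such as `iss`, `aud` and `exp` are left out.

```javascript
const crypto = require("node:crypto");

const b64u = (v) => Buffer.from(v).toString("base64url");

// Hypothetical OP key: RSA pair whose kid is derived from a hash of the modulus.
function makeKey() {
  const { publicKey, privateKey } = crypto.generateKeyPairSync("rsa", { modulusLength: 2048 });
  const jwk = publicKey.export({ format: "jwk" });
  const kid = crypto.createHash("sha256").update(jwk.n).digest("base64url").slice(0, 16);
  return { privateKey, jwk: { ...jwk, kid, use: "sig", alg: "RS256" } };
}

// JWKS document: every key the OP signs with now or is about to sign with.
const publishJwks = (keys) => ({ keys: keys.map((k) => k.jwk) });

// Sign an ID token (RS256) and put the signing key's kid in the JOSE header.
function signIdToken(key, claims) {
  const input = b64u(JSON.stringify({ alg: "RS256", typ: "JWT", kid: key.jwk.kid })) +
    "." + b64u(JSON.stringify(claims));
  const sig = crypto.sign("sha256", Buffer.from(input), key.privateKey);
  return input + "." + sig.toString("base64url");
}

// RP side: pick the key by kid from a cached JWKS, then verify the signature.
function verifyIdToken(token, cachedJwks) {
  const [h, p, s] = token.split(".");
  const header = JSON.parse(Buffer.from(h, "base64url").toString());
  if (header.alg !== "RS256") return { ok: false, reason: "unexpected alg" };
  const jwk = cachedJwks.keys.find((k) => k.kid === header.kid && k.kty === "RSA");
  if (!jwk) return { ok: false, reason: "unknown kid" };
  const pub = crypto.createPublicKey({ key: jwk, format: "jwk" });
  const ok = crypto.verify("sha256", Buffer.from(h + "." + p), pub, Buffer.from(s, "base64url"));
  return ok ? { ok, claims: JSON.parse(Buffer.from(p, "base64url").toString()) }
            : { ok, reason: "bad signature" };
}

// Rollover: the RP cached the JWKS before the OP switched its signing key.
function rolloverDemo() {
  const oldKey = makeKey(), newKey = makeKey();
  const claims = { iss: "https://op.example.org", sub: "constructed-user", aud: "rp" };
  const token = signIdToken(newKey, claims); // the OP now signs with the new key
  return {
    singleKeyCache: verifyIdToken(token, publishJwks([oldKey])),
    rolloverCache: verifyIdToken(token, publishJwks([oldKey, newKey])),
    oldTokenStillValid: verifyIdToken(signIdToken(oldKey, claims), publishJwks([oldKey, newKey])).ok,
  };
}
```

`rolloverDemo()` returns an `unknown kid` failure for the cache that holds only the old key and a successful verification for the cache that holds both keys.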