Ticket #47908 - 389-ds 1.3.3.0 does not adjust cipher suite configuration on upgrade, breaks itself and pki-server
    
    Description:
    In the given cipher list:
      nsSSL3Ciphers: +rsa_fips_3des_sha,+rsa_fips_des_sha,+rsa_3des_sha,
       +rsa_rc4_128_md5,+rsa_des_sha,+rsa_rc2_40_md5,+rsa_rc4_40_md5,
       +fortezza
    there were 2 issues.
    1) An old cipher suite name rsa_des_sha was not correctly mapped
       to the name supported by NSS (TLS_RSA_WITH_DES_CBC_SHA) in the
       mapping table. And the unsupported cipher name was not gracefully
       skipped but returned an error.  This patch fixes the mapped name
       and the behaviour so that it skips the unknown/unsupported cipher.
    2) A cipher "fortezza" is deprecated.  It's now skipped with the
       proper warning message.
    
    Reviewed by rmeggins@redhat.com (Thank you, Rich!!)
    
    https://fedorahosted.org/389/ticket/47908
    (cherry picked from commit 83a6ceb556e769f0d0a201f4a3d783ae3915c6bc)