Bug 728592 - Allow ns-slapd to start with an invalid server cert
This patch adds a new config attribute (nsslapd-validate-cert).
This new attribute allows one to control the validation of the
server certificate used for SSL/TLS.
The valid settings are "on", "off", and "warn". The "on" setting
will make the server validate the certificate, treating an invalid
certificate as a hard failure that prevents ns-slapd from starting.
The "warn" setting will validate the certificate, but the server
will start and log an error if the certificate is invalid. The
"off" setting will skip certificate validation completely, allowing
ns-slapd to start with no reported errors when the certicate is
invalid. The default setting is "warn" if the attribute is not
specified.