Fix cert-find for CA-less installations
    
    Change eb6d4c3037d0cc269a7924745f1cbd8f647e6e1a deferred the
    detailed lookup until all certs were collected but introduced
    a bug where the ra backend was always retrieved. This generated a
    backtrace in a CA-less install because there is no ra backend in
    the CA-less case.
    
    The deferral also removes the certificate value from the LDAP
    search output resulting in only the serial number being displayed
    unless --all is provided. Add a new class variable,
    self.ca_enabled, to add an exception for the CA-less case.
    
    Fixes https://pagure.io/freeipa/issue/7202
    
    Signed-off-by: Rob Crittenden <rcritten@redhat.com>
    Reviewed-By: Stanislav Laznicka <slaznick@redhat.com>