OpenVPN / easy-rsa

easy-rsa - Simple shell based CA utility

build-ca: Command 'req', remove SSL option '-keyout' #1124

Closed TinCanTech closed 4 months ago

TinCanTech commented 4 months ago

OpenSSL command 'req', option '-keyout' behaves differently between OpenSSL v3.x versus v1.x.

When the private key is encrypted:

v3.x creates the original key, encrypted by AES-256-CBC; then creates the unnecessary, secondary key, encrypted by DES-EDE3-CBC.

Because EasyRSA has already generated the private key, the 'req' command must not generate a secondary key.
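Given the AES-256-CBC versus DES-EDE3-CBC difference described above, the following check reports which cipher protects an existing key file. It is an added example, not part of this pull request or of EasyRSA; it assumes a PEM key file (PKCS#8 or traditional), and `key_cipher` and `sample_key` are hypothetical names.

```shell
#!/bin/sh
# Added example: report which cipher protects a PEM private key.
# Heuristic: scans the decoded body for the cipher OID; it does not
# parse ASN.1 or decrypt anything.

OID_3DES='06 08 2a 86 48 86 f7 0d 03 07'       # des-ede3-cbc, 1.2.840.113549.3.7
OID_AES256='06 09 60 86 48 01 65 03 04 01 2a'  # aes-256-cbc, 2.16.840.1.101.3.4.1.42

key_cipher() {  # $1 = PEM key file
    # Traditional PEM names the cipher in a DEK-Info header.
    dek=$(sed -n 's/^DEK-Info: *\([^,]*\),.*/\1/p' "$1" | head -n 1)
    if [ -n "$dek" ]; then
        echo "$dek"
    elif grep -q '^-----BEGIN ENCRYPTED PRIVATE KEY-----' "$1"; then
        # PKCS#8: decode the body and dump it one byte per token, so an
        # OID can only match on a byte boundary.
        hex=$(sed '/^-----/d' "$1" | base64 -d | od -An -v -tx1 |
              tr '\n' ' ' | tr -s ' ')
        case "$hex" in
            *"$OID_3DES"*)   echo DES-EDE3-CBC ;;
            *"$OID_AES256"*) echo AES-256-CBC ;;
            *)               echo unknown ;;
        esac
    elif grep -q 'PRIVATE KEY-----' "$1"; then
        echo unencrypted
    else
        echo unknown
    fi
}

# Constructed sample (not a real key): a few DER-like bytes carrying an OID.
sample_key() {  # $1 = octal-escaped bytes, $2 = output file
    {
        echo '-----BEGIN ENCRYPTED PRIVATE KEY-----'
        printf "$1" | base64
        echo '-----END ENCRYPTED PRIVATE KEY-----'
    } > "$2"
}

# Usage: sh check.sh path/to/ca.key   (placeholder path)
for f in "$@"; do
    printf '%s: %s\n' "$f" "$(key_cipher "$f")"
done
```

A result of `DES-EDE3-CBC` on a key that was generated with AES-256-CBC indicates the file was rewritten by a later step.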

TinCanTech commented 4 months ago

@ecrist This bug dates back to v3.0.9, which does not support OpenSSL v3.x; therefore, EasyRSA v3.0x is not affected by the problem.

All versions of EasyRSA v3.1x are affected.

I think this change is suitable for EasyRSA v3.1.8 and we should consider rolling a release for it.

If this is the only bug which comes to light for v3.1x then there is less need for a release.