eclipse / ecf

ECF project repository

Add an experimental Certificate Chain sorter #39

Closed mdaloia closed 1 year ago

mdaloia commented 1 year ago

Relates to issue #27

Adds a way to sort the certificate chain if the server presents it unordered (note that per RFC 8446 the end-entity certificate MUST always be the first certificate). Since TLSv1.3 the rest of the certificates are allowed to be presented out of order, and it is encouraged that clients be flexible and support this for older TLS versions as well.

The main part of this PR is the new class CertificateChainSorter and its integration in ECFTrustManager. As it (currently) isn't a fully compliant implementation, this feature is disabled by default. Interested users should add the following System Property and set it to true to enable it: org.eclipse.ecf.internal.ssl.ECFTrustManager.experimental.sortCerts.


The rest of the files in this PR belong to the 2nd commit, which introduces a new test bundle for the org.eclipse.ecf.ssl fragment (of org.eclipse.ecf). In order to access classes of the fragment from the test bundle we had to add Eclipse-ExtensibleAPI: true to the MANIFEST.MF of org.eclipse.ecf. This causes the packages exported by the fragment to be re-exported by the host bundle. Per this Eclipse documentation it only matters at PDE level:

Note that this header is only used by tooling (PDE) to construct proper class paths for building. The runtime does not use this header at all. At runtime a fragment is always allowed to add additional packages, classes and resources to the API of the host.

The certificates added for the tests have the following data and hierarchy (only the Root CA and End-Entity certificates are shown, for brevity):

Root CA certificate

End-Entity certificate
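The ordering rule the PR describes (end-entity first, every following certificate being the one that certifies the previous one) can be shown with a small stand-alone implementation. The following is an added example written for this page; it is not the PR's CertificateChainSorter nor any ECF code, and it uses a minimal constructed Cert record with only subject and issuer names instead of real X.509 objects (with java.security.cert.X509Certificate or Python's cryptography package the same comparison would be made on the subject and issuer distinguished names). The names CN=server.example.test, CN=Intermediate CA, CN=Root CA and CN=Other are constructed sample data.

```python
from dataclasses import dataclass
from typing import List


@dataclass(frozen=True)
class Cert:
    """Constructed stand-in for an X.509 certificate: only the fields the sort needs."""
    subject: str
    issuer: str

    @property
    def self_signed(self) -> bool:
        return self.subject == self.issuer


def sort_chain(chain: List[Cert]) -> List[Cert]:
    """Reorder `chain` so that each certificate is followed by its issuer.

    Rules applied (modelled on RFC 8446 section 4.4.2):
      * The first certificate presented is taken as the end-entity and stays first,
        because the RFC requires the server to send it first.
      * Each following position is filled with the not-yet-used certificate whose
        subject equals the issuer of the previous one, until a self-signed
        certificate is reached or no issuer is found (incomplete chain).
      * Certificates that could not be linked (extraneous or duplicate) are kept
        and appended in their original order, so nothing the peer sent is
        silently dropped; the caller can detect that case with chain_is_linked().
    """
    if not chain:
        return []
    ordered = [chain[0]]
    remaining = list(chain[1:])
    current = chain[0]
    while not current.self_signed:
        match = next((c for c in remaining if c.subject == current.issuer), None)
        if match is None:
            break  # no issuer available: chain is incomplete, stop linking
        remaining.remove(match)  # each certificate is used at most once, so the loop terminates
        ordered.append(match)
        current = match
    return ordered + remaining


def chain_is_linked(chain: List[Cert]) -> bool:
    """True when every certificate is directly followed by its issuer and the chain ends
    in a self-signed certificate; a sorted chain that fails this check still needs
    path building against the trust store rather than being accepted as-is."""
    if not chain:
        return False
    for prev, nxt in zip(chain, chain[1:]):
        if nxt.subject != prev.issuer:
            return False
    return chain[-1].self_signed


if __name__ == "__main__":
    # Constructed sample hierarchy: server <- intermediate <- root, plus one unrelated cert.
    leaf = Cert("CN=server.example.test", "CN=Intermediate CA")
    inter = Cert("CN=Intermediate CA", "CN=Root CA")
    root = Cert("CN=Root CA", "CN=Root CA")
    other = Cert("CN=Other", "CN=Other CA")

    presented = [leaf, root, inter, other]  # out-of-order, as a TLS 1.3 server may send it
    ordered = sort_chain(presented)
    print([c.subject for c in ordered])
    print("fully linked:", chain_is_linked(ordered))
```

The example also covers two failure modes a sorter has to survive: a missing intermediate (the loop stops and the unlinked certificates are appended rather than causing an error) and a pair of certificates that issue each other (each certificate is consumed once, so the loop cannot spin).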

eclipse-ecf-bot commented 1 year ago

Can one of the admins verify this patch?