Open dglauche opened 2 years ago
This has been on the todo list for some time already. I wanted to add a capability to put all secret stuff into a vault, also passwords and secrets which are used within the playbooks. From a security perspective, I think pulling them directly from the vault and sending them over without storing would be the best solution.
I think it would be great to have the certificates (with keys) stored within an Ansible vault. As far as I can see, that's currently not possible. To keep the changes as small as possible, I would propose to extract them on the manager host before everything starts running and remove them afterwards. Introducing a new config setting like
{web,server}_cert_in_vault: true/false
for the purpose would be a good choice. What do others think about that approach? I would be happy to write a PR for that!
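
The extract-then-remove approach proposed in this thread could look like the following Ansible play. This is an added example, not code from the project or from either poster. It assumes the manager host is `localhost`, and the variables `vault_web_cert` and `vault_web_key` and the file names `web.crt` and `web.key` are hypothetical; only `web_cert_in_vault` follows the setting name suggested above.

```yaml
# Added example with hypothetical names; not the project's playbook.
# Assumes vault_web_cert and vault_web_key are defined in a vars file
# encrypted with ansible-vault and loaded for this play.
- name: Stage vaulted TLS material only for the duration of the run
  hosts: localhost            # assumption: the manager host
  connection: local
  gather_facts: false
  vars:
    web_cert_in_vault: true   # setting name as proposed in the thread
  tasks:
    - name: Handle vaulted certificate material
      when: web_cert_in_vault | bool
      block:
        - name: Create a private staging directory (owner-only by default)
          ansible.builtin.tempfile:
            state: directory
            prefix: certstage_
          register: stage

        - name: Write certificate and key with owner-only permissions
          ansible.builtin.copy:
            content: "{{ item.content }}"
            dest: "{{ stage.path }}/{{ item.name }}"
            mode: "0600"
          loop:
            - { name: web.crt, content: "{{ vault_web_cert }}" }
            - { name: web.key, content: "{{ vault_web_key }}" }
          loop_control:
            label: "{{ item.name }}"   # show only the file name per item
          no_log: true                 # keep key material out of logs

        - name: Placeholder for the existing deployment tasks
          ansible.builtin.debug:
            msg: "deploy using files under {{ stage.path }}"

      always:
        # Runs even when a task in the block fails, so the decrypted key
        # does not stay on disk after an aborted run.
        - name: Remove staged material
          ansible.builtin.file:
            path: "{{ stage.path }}"
            state: absent
          when: stage.path is defined
```

The `always` section is what keeps the cleanup from being skipped on failure; a killed `ansible-playbook` process would still leave the staging directory behind.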