feat: Make https secretclass configurable

[sbernauer]

Description

Fixes https://github.com/stackabletech/nifi-operator/issues/499

Alternate take on https://github.com/stackabletech/nifi-operator/pull/529, but a little bit more simplistic. I also renamed clusterConfig.tls.httpSecretClass to clusterConfig.tls.serverSecretClass to be consistent with other operators (like zk or trino).

I skipped the whole "whether to request node certs" thing, as listener-op will replace it anyway.

CRD change

spec:
  clusterConfig:
    tls: # mandatory
      serverSecretClass: non-default-secret-class # mandatory, defaults to tls

Definition of Done Checklist

• Not all of these items are applicable to all PRs, the author should update this template to only leave the boxes in that are relevant
• Please make sure all these things are done and tick the boxes

# Author
- [x] Changes are OpenShift compatible
- [x] CRD changes approved
- [x] CRD documentation for all fields, following the [style guide](https://docs.stackable.tech/home/nightly/contributor/docs-style-guide).
- [ ] Helm chart can be installed and deployed operator works
- [ ] Integration tests passed (for non trivial changes)
- [x] Changes need to be "offline" compatible

# Reviewer
- [ ] Code contains useful comments
- [ ] Code contains useful logging statements
- [ ] (Integration-)Test cases added
- [ ] Documentation added or updated. Follows the [style guide](https://docs.stackable.tech/home/nightly/contributor/docs-style-guide).
- [ ] Changelog updated
- [ ] Cargo.toml only contains references to git tags (not specific commits or branches)

# Acceptance
- [ ] Feature Tracker has been updated
- [ ] Proper release label has been added
- [ ] [Roadmap](https://github.com/orgs/stackabletech/projects/25/views/1) has been updated

[sbernauer]

We talked about this in daily and took a decision shortcut as this is mostly a copy/paste from trino-operator.