Up until now whether external ssl is enabled or not was configurable pre-bootstrap.
If ssl enabled is true - the user can give certificate and key for the manager - or else they are generated.
The new feature will allow changing the ssl mode of an existing manager.
In order to perform that we have to:
Deploy or generate both certificate and key on bootstrap, even if the ssl is disabled.
Add a new api to set the ssl mode.