Add instructions for generating certs #6

Open
richb-hanover opened this issue Dec 20, 2021 · 1 comment
@richb-hanover

For us duffers out here, could you provide instructions for generating the certs that are necessary to use the swift/go versions? (Even if it's a self-signed cert...) Thanks.

@richb-hanover

I want to expand on my prior request to help people who want to implement RPM servers on new hardware/new environments. As we discussed in the call today, it would be intriguing to create a package for OpenWrt, or create a Dockerfile to run on a Raspberry Pi.

Implementors for these environments run into hurdles that aren't addressed in the current documentation:

  1. What's the difference between the -key-file and the -cert-file? Is there clear documentation for generating each?

  2. The instructions should indicate how to generate certificates for an OpenWrt router or Raspberry Pi with a numeric IP address (such as 192.168.1.1, 10.0.34.17, or 172.30.42.35) since they are unlikely to have a DNS name. (But, extra points for telling how to add an mDNS name into the certificate.)

  3. Is a self-signed certificate valid? Clarify why we want TLSv1.3 draft-ietf-ippm-responsiveness#37 (comment) makes it seem that it's the RPM Client's choice. But the server code's README.md at line 26 makes it sound as if the self-signed certificate is bad when it says:

    NOTE: The networkQuality CLI tool will only connect to a server presenting a valid SSL certificate. If you are using a custom CA, ensure the CA is trusted by the system.

  4. This might be resolved if the networkQuality CLI tool on macOS were changed to give a warning if it detects an invalid SSL certificate. (Then the test would work, present accurate measurements, but indicate that the results may not be from a trusted host.)
