SSL Cert Hot Reloading assumes that the keystore & truststore are valid. However, a corrupt store or a password mismatch can cause Cassandra to fail accepting new connections as we throw away the old SslContext. This patch will ensure that we check the sanity of the certificates during startup and during hot reloading. This should protect against bad key/trust stores. As part of this PR, I have cleaned up the code a bit.