Cleanup SecurityConfig and related class initialization

In the certificate related code, we use the OzoneConfiguration loaded and the SecurityConfig created from the OzoneConfiguration in conjunction with each other.

We should strive to have all the PKI related code to rely only on the SecurityConfig, this makes it easier to reason about what configuration options are affecting its behaviour, and helps to prevent a few misusage we already have in the code (where we do new SecurityConfig(new SecurityConfig(config).getConfiguration) like flows.