certificatemodel: Make the CertificateModel reentrant

First of all, [begin/end][Insert/Remove][Rows/Columns] is a
flat transaction and can only exist once per model. The code
was calling begin in other begin section due to some
lazy-loading code. This could result in SIGSEGV if the model
had active proxies.

More importantly, this code is called from the collections.
Some collections run in different threads. The class had a
mutex, but only used it in half the places it should have
been used. This caused a crash on the macOS and KDE client.
I could not manage to crash the Gnome client, but it is
probably possible. ASAN also got asserted due to this even
when it would have otherwise not crashed.

The commit alse fix a memory leak when the ID was duplicated
by the race condition. This is a band-aid on the problem: IDs
potentially not unique. However a band-aid is better than
acrash and the patch to fix this would be too invasive to get
past Gerrit.

Change-Id: I92e313d0243659b6af374a0cbf8bab18c3f6ba76
Reviewed-by: Nicolas Jäger <nicolas.jager@savoirfairelinux.com>