This commit refactor the certificate security check handling to:

 * Cache the security level (add certificate_p.h)
 * Be able to reload the checks at any moment
 * Better track when a private key is required or not

Overall this commit is quite invasive, but things are better off
after compared from before. The important thing here is the
separation of concerns. SeurityEvaluationModel and its extension
are responsible to compute the security level.

Refs #77218

Change-Id: I1914868d052bdaa794b0b54a150f24455c256021