Make certificate generation algorithm/bits configurable

[lazypower]

We should probably expose either as charm config, or layer config - which TLS length/algorithm we are using.

ECDA, RSA-2048, RSA-4096 have all been called out as common keys to use per the mailing list.

I think we can get away with making this as a layer-option, so its a build time construct that other developers can override, and users always get sane defaults the developer has chosen for them.