The current export functions only allow use on a complete PKI, with CA.
This change allows the following:
* Server - Export P12/P7 without client key
* Client - Export P12/P7 without CA, P8/P1 without PKI
Due to the relative obscurity of the command options 'noca' and 'nokey',
exporting P12/P7 with incorrect options can be adjusted on-the-fly with
confirmation from the user.
Correct behaviour of export-p1 with OpenSSL v3 by using -legacy option.
Otherwise, OpenSSL v3 outputs a PKCS#8 format file.
Minor improvements to comments.
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
aaa44558b2