vpn: if a provider is configured, shouldn't need to ask for a domain

We still are not implementing the autostart feature, but I think a nice step towards that would be to drop the requirement for a provider if we already have a configured domain for demo.bitmask.net. The proposal is to try to pass the last used vpn as the provider. I guess that, if we find more than one cert for that domain, we should just use the last one used.

@meskio: thoughts?

10249 ± : bitmaskctl vpn start                                                                                                                                                                                                            [8m]
ERROR: A provider is needed to start the VPN
(bitmask2)
samsara 戝 ~bitmask/src/leap/bitmask ➤ 7c1b14f3|bug/fixes-vpn✓
10252 ± : bitmaskctl vpn status                                                                                                                                                                                                          [11m]
status      off
firewall    off
vpn         off
domain      demo.bitmask.net
↑↑↑         7.0 K
↓↓↓         10.2 K