Certificate transition

• allows to parse multiple CA certs within one cert file (preshipped or fetched from provider API)

• disables certificate pinning in case multiple certs are contained in the cert file

• we should consider to never fetch CA certs from the API endpoint for preshipped providers, just as on desktop (right, @kali?) so that breaking the certificate fingerprint validation doesn't matter so much. That is not done here though.