Ubiquiti removed keytool (and java) from recent releases of Unifi OS. This moves from keytool to openssl's native pkcs12.
Tested on Unifi Dream Machine which runs Unifi OS and a built-in Unifi controller.
Also added backup of existing files prior to change in case anything goes wrong, and update system configuration with compatible ciphers.
service/get_list returns domains in utf. But if utf, then error Error parsing certificate request: x509: SAN dNSName is malformed
early using my patch by IDN_ITEM="$(echo "${ITEM}" | idn)"
Now replacing by IDN_ITEM="$(_idn "${ITEM}")"
