Port PKI to openssl command

For now we use strongswan-pki but we should just use openssl See: https://gist.github.com/Soarez/9688998

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information