Remove all static minica keys

[aarongable]

Remove the redis-tls, wfe-tls, and mail-test-srv keys which were generated by minica and then checked in to the repo. All three are replaced by the dynamically-generated ipki directory.

Part of #7476

[github-actions]

@aarongable, this PR appears to contain configuration and/or SQL schema changes. Please ensure that a corresponding deployment ticket has been filed with the new values.

[pgporada]

There's an integration test failure during the first test.

pebble-challtestsrv - 2024/05/16 16:28:10 Added DNS-01 TXT challenge for Host "_acme-challenge.rand.3fd8c05d.xyz." - Value "uP1aJBd_6k246rQYgFWQx3TwpFGfHLrbh1gDP6HvY_E"
16:28:10.488156 6 boulder-va s_zY5go logDNSError chosenServer=[10.77.77.77:8343] hostname=[_acme-challenge.rand.3fd8c05d.xyz] queryType=[TXT] err=[Post "https://10.77.77.77:8343/dns-query": dial tcp 10.77.77.77:8343: connect: connection refused]
16:28:10.488468 6 boulder-va 5YbEvgM [AUDIT] Validation result JSON={"ID":"1","Requester":1,"Hostname":"rand.3fd8c05d.xyz","Challenge":{"type":"dns-01","status":"invalid","error":{"type":"dns","detail":"DNS problem: server failure at resolver looking up TXT for _acme-challenge.rand.3fd8c05d.xyz","status":400},"token":"24FntqTT-yeesArv547RXF961puphKIdmVtCpJAAUZ4","keyAuthorization":"24FntqTT-yeesArv547RXF961puphKIdmVtCpJAAUZ4.W_w5i1MxmLHbl71sNf_dRnNVB5HEVLjvsDc1t1JH554"},"ValidationLatency":15552006.488,"Error":"dns :: DNS problem: server failure at resolver looking up TXT for _acme-challenge.rand.3fd8c05d.xyz","InternalError":"DNS problem: server failure at resolver looking up TXT for _acme-challenge.rand.3fd8c05d.xyz"}
pebble-challtestsrv - 2024/05/16 16:28:10 Removed DNS-01 TXT challenge for Host "_acme-challenge.rand.3fd8c05d.xyz"
Traceback (most recent call last):
  File "test/integration-test.py", line 146, in <module>
    main()
  File "test/integration-test.py", line 77, in main
    setup_six_months_ago()
  File "/boulder/test/helpers.py", line 178, in setup_six_months_ago
    [f() for f in six_months_ago_functions]
  File "/boulder/test/helpers.py", line 178, in <listcomp>
    [f() for f in six_months_ago_functions]
  File "/boulder/test/v2_integration.py", line 1304, in ocsp_exp_unauth_setup
    chisel2.auth_and_issue([random_domain()], client=client, cert_output=cert_file.name)
  File "/boulder/test/chisel2.py", line 133, in auth_and_issue
    order = client.poll_and_finalize(order)
  File "/usr/local/lib/python3.8/dist-packages/acme/client.py", line 184, in poll_and_finalize
    orderr = self.poll_authorizations(orderr, deadline)
  File "/usr/local/lib/python3.8/dist-packages/acme/client.py", line 209, in poll_authorizations
    raise errors.ValidationError(failed)
acme.errors.ValidationError

[aarongable]

Yep, I'm aware. This is because I moved the challtestsrv's DoH key out of the internal PKI and into the misc PKI... which means that it is signed by a different root, and the VA doesn't trust that root when reaching out to it! Go ahead and review the rest of the change while I figure out the right tweak to make this happy.

[pgporada]

Yep, I'm aware. This is because I moved the challtestsrv's DoH key out of the internal PKI and into the misc PKI... which means that it is signed by a different root, and the VA doesn't trust that root when reaching out to it! Go ahead and review the rest of the change while I figure out the right tweak to make this happy.

The rest looks good from a review earlier today, just waiting for tests to pass.

[aarongable]

I've fixed the issue with the challtestsrv cert, and I've expanded this PR to include the redis-tls certs too. PTAL!

[aarongable]

Test-only, and other reviewers are out, merging on one review.