Remove client certificate config

[Tratcher]

Contributes to #352

There have been a number of concerns raised with this approach so we're going to remove it for now and reconsider it in the future.

• It's different between the json config model and the code config model
• it requires passwords in the json config
• There's no rotation support, you have to modify the cluster config to point at a new cert and trigger a reload
• Multiple config provider implementations are using System.Text.Json to serialize the code model across processes, but that doesn't make sense for X509Certificate2.
• Cert lifetime issues across config reloads. The current model requires a complex weak reference cache.

Recommended alternatives:

• Use the improved ProxyHttpClientFactory support to specify the client certificate in code. This way the app controls the cert lifetimes, credentials, etc..
• Certificate information can be stored in the cluster metadata collection and consumed in the ProxyHttpClientFactory.

Future proposals:

• We may add an indirection model where a cluster references a certificate by a string id that is used to resolve the certificate from a separate service that manages them. I'd expect ProxyHttpClientFactory to consume that service.

[alnikola]

LGTM

[samsp-msft]

@Tratcher - Do we need to document how to do this now that we have removed the capability from config, or provide it in a sample (potentially the auth sample)?

[Tratcher]

The workaround for directly configuring the SocketHttpHandler is here:
https://github.com/microsoft/reverse-proxy/blob/4f9e59dc6a196a42de6e6b5e34880328a3abef7f/docs/docfx/articles/proxyhttpclientconfig.md#configuring-the-http-client

Want me to update that doc to show setting a client certificate instead of 100-continue?