SSLUtil should not allow trusting all certificates

[varrunr]

AllTrustManager trusts all certificates by default. SSL is basically useless without the concept of trust.
This is an example of bad SSL implementation and can lead to a man-in-the-middle attack. See http://crypto.stanford.edu/~dabo/pubs/abstracts/ssl-client-bugs.html for more

[chrisdail]

ViPR installs with self-signed certificates so there is no concept of trust in a default install. This is provided as a convenience for default installations that did not sign certificates for use in the system. Also, the ssl factory can be overridden with a custom version which is what is recommended.

I will look to remove the trust all as a default setting for the 2.1 release.