AM certs are all the same and all expired

[ahelsing@bbn.com]

The SSL server certificate used for the AM API server at the ExoSM, RENCI and BBN has 2 issues:

1. It is the identical certificate at all 3 servers, mis-identifying itself as geni.renci.org
2. It expired in February

This is not currently breaking anything. At some point it may be a problem if future AM clients are more picky. For example, Flack may care.

In addition, it would be slightly better if the AM certificate conformed to GENI AM API standards more closely, in 2 ways: include (1) a URN in the subjectAltName (e.g. same as the URN in the component_manager_id field of your RSpecs, naming the AM) and (2) an email address in the subjectAltName (e.g. pointing to exogeni-ops). See ​http://groups.geni.net/geni/wiki/GeniApiCertificates