Add support for host certificates

At present, only user certificates are supported. Add support for generation of host certificates.

Host certificates should probably expire in much longer timeframes than user certificates. Consider adding a separate parameter to control host cert expiry vs user cert.