Story
Resolution: Done
OCPSTRAT-284 - Standardization around configurable TLS security profiles for layered products and components
MCO Sprint 256, MCO Sprint 257
The MCO should also support tlsSecurityProfile if an install-time manifest is provided for the APIServer object. This means that the bootstrap operator will have to propagate the tlsSecurityProfile down to the bootstrap MCO operands, so that they launch with the same TLS profile that the in-cluster MCO operands would.
This story is specifically for the bootstrap MCS. It involves doing two things:
- The installer copies all user-defined manifests to the MCC bootstrap directory. The MCC in turn writes some of these manifests to the MCS bootstrap directory. We should add the APIServer manifest as one of the manifests that should be written to the MCS bootstrap directory.
- The bootstrap MCS would then read in the APIServer manifests and launch its HTTP server with the user-defined TLS settings.
This work should also keep FIPS mode in mind, as that can also affect the list of permissible ciphers at install time.
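The second step and the FIPS caveat above, as an added example that is not MCO code: it resolves a Custom tlsSecurityProfile from an APIServer manifest into a Go `tls.Config` and fails closed when nothing usable remains. It assumes the manifest is available as JSON, that only Custom profiles are handled, and that FIPS mode is modelled simply as dropping ChaCha20-Poly1305; `ServerTLSConfig`, `sampleManifest` and the `suites` table are hypothetical names.

```go
package main

import (
	"crypto/tls"
	"encoding/json"
	"fmt"
	"strings"
)
// Constructed sample: an APIServer manifest (JSON form) with a Custom profile.
const sampleManifest = `{"kind":"APIServer","spec":{"tlsSecurityProfile":{"type":"Custom","custom":{"minTLSVersion":"VersionTLS12","ciphers":["ECDHE-RSA-AES128-GCM-SHA256","ECDHE-RSA-CHACHA20-POLY1305","DHE-RSA-AES128-GCM-SHA256"]}}}}`
type apiServer struct { // only the fields this example reads
	Spec struct {
		Profile struct {
			Type   string `json:"type"`
			Custom struct {
				Ciphers       []string `json:"ciphers"`
				MinTLSVersion string   `json:"minTLSVersion"`
			} `json:"custom"`
		} `json:"tlsSecurityProfile"`
	} `json:"spec"`
}
var versions = map[string]uint16{"VersionTLS10": tls.VersionTLS10, "VersionTLS11": tls.VersionTLS11, "VersionTLS12": tls.VersionTLS12, "VersionTLS13": tls.VersionTLS13}
var suites = map[string]uint16{ // OpenSSL-style manifest names -> crypto/tls IDs (subset)
	"ECDHE-RSA-AES128-GCM-SHA256": tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
	"ECDHE-RSA-AES256-GCM-SHA384": tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
	"ECDHE-RSA-CHACHA20-POLY1305": tls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
}

// ServerTLSConfig skips names crypto/tls cannot serve and, under FIPS, ChaCha20-Poly1305.
func ServerTLSConfig(manifest []byte, fips bool) (*tls.Config, error) {
	var obj apiServer
	if err := json.Unmarshal(manifest, &obj); err != nil {
		return nil, err
	}
	c := obj.Spec.Profile.Custom
	cfg := &tls.Config{MinVersion: versions[c.MinTLSVersion]} // 0 when the version is unknown
	for _, name := range c.Ciphers {
		if id, ok := suites[name]; ok && !(fips && strings.Contains(name, "CHACHA20")) {
			cfg.CipherSuites = append(cfg.CipherSuites, id)
		}
	}
	if obj.Spec.Profile.Type != "Custom" || cfg.MinVersion == 0 || (cfg.MinVersion < tls.VersionTLS13 && len(cfg.CipherSuites) == 0) {
		return nil, fmt.Errorf("unusable custom tlsSecurityProfile") // fail closed, no silent defaults
	}
	return cfg, nil
}
func main() {
	cfg, err := ServerTLSConfig([]byte(sampleManifest), true)
	fmt.Printf("config=%v err=%v\n", cfg != nil, err)
}
```

The explicit error matters because an empty `CipherSuites` slice makes `crypto/tls` fall back to its own defaults, which would silently ignore the user's profile.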
- clones MCO-1206 Consume tlsSecurityProfile configuration during kubelet-config-controller bootstrap (Closed)