Add additional config options to the web provider to enable a second set of ports that serve http2/cleartext

Also, as a follow-up to https://github.com/RedHatInsights/clowder/pull/1387 – we need to provide apps with the TlsCAPath if we have the ClowdEnvironment TLS ports configured.

As an example, if 'app B' depends on 'app A' and 'app A' has TLS enabled, then app B needs the CA certificate. Rather than iterating through app B's dependencies to see if any have TLS enabled, we'll just go ahead and set the TLS CA path whether it is going to use TLS to connect to app A or not.

UPDATE: the above doesn't work because many apps use 'TlsCAPath' at the root level to determine if TLS is on globally or not. We're now going to provide a new 'tls ca path' field within dependency endpoints.

We will assume that if a ClowdEnvironment has the TLS port/privatePort configured then the cluster has been set up with the Service CA Operator, and so it is safe to assume the openshift-service-ca.crt ConfigMap is available in every namespace.