ReloadCertificateRevocationList in SSLDefinitions should extend ElytronRuntimeOnlyHandler so it won't try and execute runtime work on a profile resource.

Possibly this op shouldn't be registered at all on a profile resource, but changing this is a simple way to guard against problems if it is.