installutils: remove hardcoded subject DN assumption

`installutils.load_external_cert` assumes that the IPA CA subject
DN is `CN=Certificate Authority, {subject_base}`.  In preparation
for full customisability of IPA CA subject DN, push this assumption
out of this function to call sites (which will be updated in a
subsequent commit).

Part of: https://fedorahosted.org/freeipa/ticket/2614

Reviewed-By: Jan Cholasta <jcholast@redhat.com>

ipaserver/install/ca.py

@@ -109,7 +109,9 @@ def install_check(standalone, replica_config, options):
                   "--external-ca.")
 
         external_cert_file, external_ca_file = installutils.load_external_cert(
-            options.external_cert_files, options.subject)
+            options.external_cert_files,
+            DN(('CN', 'Certificate Authority'), options.subject)
+        )
     elif options.external_ca:
         if cainstance.is_step_one_done():
             raise ScriptError(