Automate Certificate Generation for API Server

[RobertRosca]

#37 added mTLS for the communication between frontend and backend.

#91 suggested automating this process.

To simplify development/testing, and to allow the API to be called directly, we should fetch certificates for the host the API server is running on and use those when possible.

Can also consider restricting binding non-secure ports only to loopback, with certs required for external interfaces.