
Matus-p

@Matus-p Matus-p commented Aug 20, 2025

Loads the certificate chain and key from a file on every connection attempt.
This allows the certificate to be reloaded dynamically when it is renewed.

Loads the certificate chain and key from a file on every connection attempt.
This allows the certificate to be reloaded dynamically when it is renewed.
Signed-off-by: Ivan Kozlovic <ivan@synadia.com>
@kozlovic
Member

@Matus-p Thank you for the quality PR. This approach - although less flexible (since the user is required to use the same cert file names, etc.) - would cause less friction.

I have used your branch and made some changes that I would like to see and pushed it. I did not create the PR out of that branch (yet) and wanted to see if you agree with the proposed changes (e827e77). You could either incorporate them in this PR or we create a PR out of the other branch. Your name/commit will be preserved. Once we decide on which direction to go, and once the changes are in place, I will enable the full PR CI tests to make sure we are not breaking anything.

@Matus-p
Author

Matus-p commented Aug 20, 2025

@kozlovic A similar approach is used in nats.go - they use the same cert file.

I agree with the proposed changes, thank you for that. Moreover, I do not insist on the function names, feel free to update them if needed.

One more thing that would need polishing is that, for the test, we need two different client certificates. I was not able to create one, because I do not have the CA key, so I used "server-key.pem" and "server-cert.pem". It works for testing purposes, but looks a bit ugly (in tlsverify.conf I had to use the user "localhost", since there is no email in the SubjectAlternativeName section). It would be better to generate another client cert for "john@nats.io".

I had to regenerate the certificates in the process.

Signed-off-by: Ivan Kozlovic <ivan@synadia.com>
@kozlovic
Member

@Matus-p I added a new certificate (but had to regenerate the others in the process). I changed from john to Ivan if you don't mind ;-). If you want to pull the commit in this PR, please do so.

@Matus-p Matus-p force-pushed the feature/ssl_load_cert_dynamic branch from ab6b5c1 to 3a4c3c9 on August 20, 2025 23:06
Member

@kozlovic kozlovic left a comment

LGTM. Thank you for your contribution!

@kozlovic kozlovic merged commit 000b3e8 into nats-io:main Aug 21, 2025
38 of 42 checks passed
github-actions bot pushed a commit that referenced this pull request Aug 21, 2025
@Matus-p Matus-p deleted the feature/ssl_load_cert_dynamic branch August 27, 2025 11:59
github-actions bot pushed a commit to Matus-p/nats.c that referenced this pull request Aug 27, 2025