Update CA certificate install command in migration playbook

Added new ca certificate install commands in the playbook

Testcases:
PASS: Bootstrap the system with changes and verify that system is
      installed successfully
PASS: Run update_platform_certificates and verify it
      is successful
PASS: Bootstrap systemcontroller and verify that system is installed
      successfully, bootstrap subcloud from systemcontroller and
      verify subcloud is installed fine.

Story: 2010848
Task: 48473

Change-Id: I4151e1be84e2cc9d65f5740a9280408a202c1765
Signed-off-by: amantri <ayyappa.mantri@windriver.com>
Depends-on: https://review.opendev.org/c/starlingx/config/+/893799

playbookconfig/src/playbooks/roles/bootstrap/persist-config/tasks/main.yml

@@ -466,11 +466,11 @@
   - name: Check for existing ssl_ca certificates
     shell: |
       source /etc/platform/openrc
-      system certificate-list | grep ssl_ca | awk '{ print $2 }'
+      system ca-certificate-list | awk '{ print $2 }' | awk 'NR>3 && NF'
     register: existing_ssl_ca_certificates_uuid
 
   - name: Delete existing ssl_ca certificates
-    shell: source /etc/platform/openrc; system certificate-uninstall -m ssl_ca {{ item }}
+    shell: source /etc/platform/openrc; system ca-certificate-uninstall {{ item }}
     with_items:
     - "{{ existing_ssl_ca_certificates_uuid.stdout_lines }}"
     when: existing_ssl_ca_certificates_uuid.stdout_lines | length > 0
@@ -491,7 +491,7 @@
       state: absent
 
   - name: Add ssl_ca certificate
-    shell: source /etc/platform/openrc; system certificate-install -m ssl_ca {{ temp_ssl_ca }}
+    shell: source /etc/platform/openrc; system ca-certificate-install {{ temp_ssl_ca }}
     register: add_ssl_ca_certificate
 
   - name: Wait for certificate install

playbookconfig/src/playbooks/roles/common/recover-subcloud-certificates/tasks/validate-restapi-and-registry-certificates.yml

@@ -205,9 +205,9 @@
       {% elif registry_cert_expiration.rc != 0 %}
       Docker Registry certificate is expired.
       {% endif %}
-      Manual action required! On the subcloud, please update the expired certificates with
-      `system certificate-install` and then run 'dcmanager subcloud delete' and
-      'dcmanager subcloud add' again to restart the procedure.
+      Manual action required! On the subcloud, please update the expired certificates
+      and then run 'dcmanager subcloud delete' and 'dcmanager subcloud add' again to
+      restart the procedure.
   when: restapi_cert_expiration.rc is defined and
         restapi_cert_expiration.rc != 0 or
         registry_cert_expiration.rc != 0

playbookconfig/src/playbooks/roles/common/verify-and-install-system-local-ca-certs/tasks/main.yml

@@ -104,7 +104,7 @@
     - name: Install system_root_ca_cert certificate as a Trusted CA certificate
       shell: >-
         source /etc/platform/openrc &&
-        system certificate-install -m ssl_ca "{{ root_ca_file.path }}"
+        system ca-certificate-install "{{ root_ca_file.path }}"
       register: install_cert_output
       until: install_cert_output is not failed
       retries: 3

playbookconfig/src/playbooks/update_platform_certificates.yml

@@ -76,7 +76,7 @@
 
 # Ensures ICA is also installed in system controller
 # even when target_list contains only subclouds
-# Moved this tasks to be the very last because 'system certificate-install'
+# Moved this tasks to be the very last because 'system ca-certificate-install'
 # creates a temporary management affecting alarm. In order to avoid waiting
 # for it to clear, running it as a last step. No side effects of doing this.
 - hosts: localhost