Previously client-cert-import uses a JSS method that calls NSS
function PK11_ImportDERCertForKey(). To import certificate without
key it should use PK11_ImportCert but it's only available via
certutil. So for now the client-cert-import has been modified to
call certutil until the interface is added to JSS.
The MainCLI has been modified not to call CryptoManager.initialize()
to avoid locking up the security database while importing the
certificate using certutil.
Endi S. Dewata