Create CredentialExpiryBanner warnings for certificate expiration of central-db-tls certificates

[danekantner]

The default certificates that are created for postgres client/server connections that are stored in central-db-tls have a 1 year expiration. The banners that typically warn of central or scanner certification expiration upcoming, do not exist for the similarly important central-db certificates used by postgres.

When this happens, with the default postgres settings of sslmode=verify-full central will then fail to start and will be inaccessible via both UX and API.

This happens with StackRox 4.4.0 (and presumably >= 4.0)

[Maddosaurus]

We're internally tracking this as ROX-24072.
While I can't comment on timelines, I double checked that this issue is linked in the ticket, so the according team updates here as soon as they have implemented a solution!