Rework SSL Ajax auth
see #2792 (closed) for details. SSL Auth can (not mandatory) now be done on https://pki.example.com/authssl to benefit from compatibility with 2FA, notifications, and better error reporting.
@maudoux can you test if those changes are compatible with your current Auth::SSL setup? It should still work just like before without having to change sslHost.