to support sni we configure ssl_certs on a vhost basis.
additionally this commit introduces a generic configuration hash which
will be used to replace most other parameters in the future.
* handled now by a partial
* possibility to add rules that should be removed
* possibility to add custom mod_sec options"
* use new infrastructure for existing mod_sec tweaks