aaf_agent generates cert as root owned currently. As majority of ONAP components/containers switched to non-root uses (SECCOM recommendation), this limits changes to cert within container once deployed (e.g for test purpose to change the key/truststore).

Need to resolve the ownership for current cert/truststore to non-root user and identify common onap usergroup which each of application can add their user into.