In theory, Elasticsearch supported configuring a PKCS#11 keystore
anywhere where a keystore/truststore could be used. For example:
xpack.security.http.ssl.keystore.type: pkcs11
However, this support was poorly tested and broken.
This commit removes PKCS#11 support from any configurable SSL context.
It does not affect the ability to use a PKCS#11 keystore as the JRE's
system default keystore/truststore.