GUACAMOLE-839: Use BouncyCastle for retrieval of certificate details.

Java's built-in support for reading X.509 certificates does not deal
well with PIV certificates containing the username as a "serialNumber"
attribute. Rather than exposing the string value of that attribute, the
Java implementation exposes a byte array that does not fully match the
string value shown by a tool like OpenSSL.

BouncyCastle, on the other hand, _does_ match the output of OpenSSL, and
provides a predictable means of decoding the certificate.
Michael Jumper
2023-03-07 16:34:38 -08:00
parent b9958fa331
commit d0574f8d82
5 changed files with 54 additions and 18 deletions

@@ -119,6 +119,13 @@
<artifactId>jsr311-api</artifactId>
</dependency>
<!-- Use FIPS variant of Bouncy Castle crypto library -->
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcpkix-fips</artifactId>
<version>1.0.7</version>
</dependency>
</dependencies>
</project>
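Review bot: The new `bcpkix-fips` dependency pins `<version>1.0.7</version>` inline, while the `jsr311-api` entry directly above it closes right after its `artifactId` with no version of its own in this file. Consider declaring the version wherever the other dependency versions are managed (a parent `dependencyManagement` entry or a property), so the Bouncy Castle FIPS release can be bumped in one place when a security update lands. The XML comment says the FIPS variant is used but not why; a short note on the reason would help anyone later reviewing whether the choice of artifact still holds.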