expert-backend-allow-downgrade-ssl allows to configure each node to downgrade
SSL negotiation with the backends to insecure, OpenSSL 1 style, ciphers and
algorithms.

It's implemented only per node as it shall be only used in some specific
circumstances and the cluster default (by default) is false. Such separation
allows to setup each node independently, as it requires node restart.

backend-haproxy is hashing backend-haproxy-wrapper:output in order to be
reactive on applied change to the configuration; this will result with node
restart after the configuration.

Note that the special test backend has been moved to different file in order
to start it with subprocess with altered environment; using multiprocessing
with spawn context didn't worked out, as it altered test process and thus
supervisord environment.