Fix manual certificate installation

Fix a bug where, when the user manually imports a certificate + key into
KeyChain, the imported certificate would sometimes not be marked as
user-selectable and so the user would not see it when
KeyChaine.choosePrivateKeyAlias was called.

The cause was the async task for marking the key as user-selectable
sometimes executing after the activity for installing the certificate
has terminated, leading it to try and interact with an
already-terminated KeyChain service.

The fix is to call the activity's finish() method only after the key is
marked as user-selectable.

Test: Manual, using CtsVerifier KeyChain Storage test.
Bug: 116716944
Change-Id: I23832ff7b609d7c609e734af48e9a0642f1df527