"upgrade" the LocalKeyStore

Implement an "upgrade" capability for the key store file,
and then use it to delete the old file.

The existing certs in the old file are not a security
risk, but they are now useless because the format of
their aliases was changed in commit a4440b40.  They now are
just taking up storage space and memory.

Users will need to re-accept *ALL* certificates that they had
previously accepted and are still using.  (Actually, this requirement
was effective with commit 4b57d79a.  Before that, certificates whose
Subject matched did not require re-accepting.)