InstallAppleCertificate assumes OpenSSL supports algorithm RC2-40-CBC

[stevenvergenz]

Apple's development certificates are issued using algorithm RC2-40-CBC, which is supported by LibreSSL 3.3 shipped with MacOS Sonoma (the binary confusingly named "openssl"), but is not supported by OpenSSL 3.3 without the -legacy flag. Because this task uses which to find the openssl binary, if OpenSSL 3 is installed on the system (via Homebrew for example), the task will fail without the pipeline definition explicitly providing the -legacy flag.

The task should check whether the algorithm of the provided certificate is supported by OpenSSL, and add that flag automatically if required.