Draft: Validate all candidate X.509 credentials in find_credentials

This MR closes #16 by refactoring igwn_auth_utils.find_x509_credentials to validate any and all candidate credentials that are discovered.

The default behaviour is to emit a warning about failing credentials but not raise an exception.