ovs-monitor-ipsec: Don't reconfigure cert-based authentication as often.

ovs-monitor-ipsec: Don't reconfigure cert-based authentication as often.

ovs-monitor-ipsec wakes up when the Interface table is modified.  To
prevent needless reconfiguration, it maintains a dictionary of the
currently implemented configuration and compares it to any new changes.
Unfortunately, for certificate-based authentication we create a new
"peer_cert_file" key in our local dictionary, which always causes the
comparison to fail.  This forces expensive renegotiation for any change
in the Interface tables.  This commit uses set difference to detect
changes from the previous configuration as opposed to a straight simple
comparison.

Bug #9103

Signed-off-by: Justin Pettit <jpettit@nicira.com>