While generating haproxy configuration (including it's CRT list) the specific
order of entries is used, so that wildcard domains end up last. Thanks to this
they work as a catch-all and allow specific domain to take precedence. Care
is taken to support *.example.example.com and *.example.com situation - so
tree like possibility of wildcards.

Anonymous in-place ACL are used per each domain, instead of per-shared
instance grouping in order to avoid situation like *.example.com and
example.com having single ACL, thus resulting with catch-all kicking in too
fast.

For the precision in the haproxy configuration and simplifcation of the regular
expressions the -m reg is used, so that host_only can be applied, which also
lowercases the hostname.

Notes:
 * test00cluster_request_instance_parameter_dict changed due to sorting slaves
   in test's requestSlaves
 * the test infrastructure has been improved to assure repetition of the
   situation
 * tests in TestSlaveHostHaproxyClash are asserting that correct domain AND
   that specific certificate have been used while serving given frontend
   configuration