If the charm is related to autocert it errors on missing certs, preventing autocert install

Bug #2027680 reported by Tom Haddon
This bug affects 2 people
| Affects | Status | Importance | Assigned to | Milestone |
|---|---|---|---|---|
| charm-haproxy | Fix Released | Undecided | Unassigned | |

Bug Description

Take the following log snippet as an example:

```
2023-06-27 13:18:58 WARNING unit.public-haproxy/0.config-changed logger.go:60 /var/lib/juju/agents/unit-public-haproxy-0/charm/hooks/config-changed:330: YAMLLoadWarning: calling yaml.load() without Loader=... is deprecated, as the default Loader is unsafe. Please read https://msg.pyyaml.org/load for full details.
2023-06-27 13:18:58 WARNING unit.public-haproxy/0.config-changed logger.go:60 sysctl_dict = yaml.load(config_data.get("sysctl", "{}"))
2023-06-27 13:18:58 INFO unit.public-haproxy/0.juju-log server.go:316 No ssl_key provided, proceeding without default certificate
2023-06-27 13:18:58 INFO unit.public-haproxy/0.juju-log server.go:316 Required config not found or invalid (metrics_target, metrics_sample_interval), disabling metrics
2023-06-27 13:18:58 WARNING unit.public-haproxy/0.config-changed logger.go:60 [ALERT] 177/131858 (26405) : parsing [/etc/haproxy/haproxy.cfg:40] : 'bind 0.0.0.0:5000' : unable to load SSL certificate file '/var/lib/haproxy/default.pem' file does not exist.
2023-06-27 13:18:58 WARNING unit.public-haproxy/0.config-changed logger.go:60 [ALERT] 177/131858 (26405) : parsing [/etc/haproxy/haproxy.cfg:55] : 'bind 0.0.0.0:443' : unable to load SSL certificate file '/var/lib/haproxy/default.pem' file does not exist.
2023-06-27 13:18:58 WARNING unit.public-haproxy/0.config-changed logger.go:60 [ALERT] 177/131858 (26405) : Error(s) found in configuration file : /etc/haproxy/haproxy.cfg
2023-06-27 13:18:58 WARNING unit.public-haproxy/0.config-changed logger.go:60 [ALERT] 177/131858 (26405) : Fatal errors found in configuration.
2023-06-27 13:18:58 INFO unit.public-haproxy/0.juju-log server.go:316 HAProxy configuration check failed, exiting.
2023-06-27 13:18:59 ERROR juju.worker.uniter.operation runhook.go:153 hook "config-changed" (via explicit, bespoke hook script) failed: exit status 1
```

This happens if HAProxy is configured to use "external" certificates, such as with the autocert subordinate charm. Looking at /etc/haproxy/haproxy.cfg we see the following, which is caused by setting `ssl_cert='DEFAULT'`:

```
frontend public-haproxy-0-443
    bind 0.0.0.0:443 ssl crt /var/lib/haproxy/default.pem no-sslv3
```

However, this file (/var/lib/haproxy/default.pem) doesn't exist until the autocert subordinate is installed, and so the charm errors as above, which prevents autocert from being installed.

The relevant bit of code is line 1042 of `hooks/hooks.py`:

```python
import sys

if service_haproxy("check"):
    ...  # success path elided in the report
else:
    log("HAProxy configuration check failed, exiting.")
    sys.exit(1)
```

We should figure out if a "blocked" status on a primary charm prevents the installation of a subordinate charm from continuing. If it doesn't I think the best thing to do would be to put the charm into a blocked status if we get the error above (we should check the output of the service check function includes `unable to load SSL certificate file '/var/lib/haproxy/default.pem' file does not exist.`). We'd then need a way to notice the certificate has been installed once autocert has done so. There are a few options for doing this. One option is to update the `assess_status` function to run a `service_haproxy("check")` if HAProxy isn't running and if that passes to start it (although it's possible the service is still running as we didn't restart - we'd need to confirm, in which case we'd need to have some way of detecting whether haproxy needs to be reloaded/restarted because there are certificates that are now available). We'd then also need to respond to the update-status hook.

If blocked status does prevent subordinate charms from being installed we should potentially look at generating a temporary self-signed certificate so we can continue.
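The approach sketched above, as an added example that is not the charm's own code: parse the output of the HAProxy config check for the specific "unable to load SSL certificate file" ALERT, turn that case into a blocked status (instead of `sys.exit(1)`) and, from update-status, detect when the previously missing certificate paths have appeared. The regex is built from the log line in this report and the `exists` parameter is injectable so the logic can be tested offline; both are assumptions, not charm-haproxy API.

```python
import os
import re

# Matches the HAProxy ALERT quoted in the bug report. Assumption: this wording
# is stable across the HAProxy versions the charm targets.
MISSING_CERT_RE = re.compile(
    r"unable to load SSL certificate file '(?P<path>[^']+)' file does not exist"
)


def missing_cert_paths(check_output):
    """Return the certificate paths HAProxy reported missing, deduplicated, in order."""
    paths = []
    for match in MISSING_CERT_RE.finditer(check_output):
        path = match.group("path")
        if path not in paths:
            paths.append(path)
    return paths


def classify_check_failure(check_output):
    """Map a failed config check to a (workload status, message) pair.

    A missing certificate is a recoverable wait on the subordinate, so it
    becomes 'blocked' rather than a hook exit(1); any other ALERT stays a
    hard error that should still fail the hook.
    """
    missing = missing_cert_paths(check_output)
    if missing:
        return "blocked", "Waiting for certificate(s): " + ", ".join(missing)
    return "error", "HAProxy configuration check failed"


def certs_arrived(paths, exists=os.path.exists):
    """True once every previously missing certificate is on disk (update-status)."""
    return bool(paths) and all(exists(p) for p in paths)


# Constructed sample: the ALERT lines from the report without the juju log prefix.
SAMPLE_CHECK_OUTPUT = """\
[ALERT] 177/131858 (26405) : parsing [/etc/haproxy/haproxy.cfg:40] : 'bind 0.0.0.0:5000' : unable to load SSL certificate file '/var/lib/haproxy/default.pem' file does not exist.
[ALERT] 177/131858 (26405) : parsing [/etc/haproxy/haproxy.cfg:55] : 'bind 0.0.0.0:443' : unable to load SSL certificate file '/var/lib/haproxy/default.pem' file does not exist.
[ALERT] 177/131858 (26405) : Fatal errors found in configuration.
"""

if __name__ == "__main__":
    status, message = classify_check_failure(SAMPLE_CHECK_OUTPUT)
    print(status, message)  # blocked Waiting for certificate(s): /var/lib/haproxy/default.pem
```

Once `certs_arrived` returns true the charm would re-run the check and reload HAProxy, which is the "notice the certificate has been installed" step described above.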

Tom Haddon (mthaddon) wrote :

This has been released as revision 70 in the edge channel

Changed in charm-haproxy:
status: New → Fix Released