CDN url is allowed to be "https", which only works for one hostname
Katello only ships with TLS CA certs for cdn.redhat.com1. However, the CDN url edit page in the web UI allows for any HTTPS url. This causes confusion since users will put HTTPS, then later during sync, get a remote host verification error since the CA doesn't match the host.
For now, katello should only allow "http" URLs with the exception of "cdn.redhat.com". This catches TLS issues that may appear later during sync.
Katello only ships with a CA cert for `cdn.redhat.com`. However, users
are allowed to put any https URL into the manifest URL page. This
caused TLS sync errors which are not apparent until later when a sync
is kicked off.
Instead, validate the URL to ensure that it is either a `http` URL, or