cert generation is now done inside the client process (since a87648114732f7f89a0c735ba0e01426ef8d0d02), but there is still a stand-alone executable for it, too. Is that still needed?

While cleaning this up, we will probably want to go from AppDataLocation to GenericDataLocation for cross-app data stored (comment by Ingo).