Set the ephemeral certificate's "not before" a short time in the past
TLS clients can have their clock a short time in the past which will result in not being able to validate the certificate.
Setting the "not before" property 5 minutes in the past will accommodate with some possible clock skew across systems.
Closes #3087 (closed)