Only use HTTPS for prod and dev so H2 will be used in browswer

Fixes #1322

All browsers require HTTPS for HTTP/2 requests.

To enable HTTPS in development:
1. `cd apps/block_scout_web`
2. `mix phx.gen.cert blockscout blockscout.local`
3. Add `blockscout` and `blockscout.local` to your `/etc/hosts`
4. If using Chrome, Enable chrome://flags/#allow-insecure-localhost.

In production, use LetsEncrypt or AWS cert infrastructure and set
environment variables:
* `SSL_CACERT_FILE`
* `SSL_CERT_FILE`
* `SSL_DHPARAM_FILE`
* `SSL_KEY_FILE`

https://blog.progressplum.app/ssl-migration-from-nginx-to-cowboy-2-in-phoenix-1-4/
is available as a guide if fronting with nginx.

.gitignore

@@ -39,3 +39,6 @@ screenshots/
 
 # osx 
 .DS_Store
+
+# mix phx.gen.cert self-signed certs for dev
+/apps/block_scout_web/priv/cert

apps/block_scout_web/config/dev.exs

@@ -8,6 +8,12 @@ use Mix.Config
 # with webpack to recompile .js and .css sources.
 config :block_scout_web, BlockScoutWeb.Endpoint,
   http: [port: 4000],
+  https: [
+    port: 4001,
+    cipher_suite: :strong,
+    certfile: "priv/cert/selfsigned.pem",
+    keyfile: "priv/cert/selfsigned_key.pem"
+  ],
   debug_errors: true,
   code_reloader: true,
   check_origin: false,

apps/block_scout_web/config/test.exs

@@ -5,7 +5,7 @@ config :block_scout_web, :sql_sandbox, true
 # We don't run a server during test. If one is required,
 # you can enable the server option below.
 config :block_scout_web, BlockScoutWeb.Endpoint,
-  http: [port: 4001],
+  http: [port: 4002],
   secret_key_base: "27Swe6KtEtmN37WyEYRjKWyxYULNtrxlkCEKur4qoV+Lwtk8lafsR16ifz1XBBYj",
   server: true