Initialize SSL when needed only, and disable SSL on errors

With this patch, the SSL subsystem will only be initialized if at least
one SSL ports is configured; so you won't get "SSL initialization failed"
messages if you didn't configured it at all.

And if SSL initialization fails, no SSL listen ports will be enabled
later which never could establish a working SSL connection at all ...