Related to #550

We should remove secure-cookie-key and key.pem and friends from all of the instances when they are built

Alternatively, we could see if there is a nice way to stop the product from starting too... (setting an ARG, etc.)