Retain openssl during signing in redhat/ubi8-minimal

Because of the slight differences between different `openssl`
package versions, it is hard to do in a uniform way (as
`openssl` installation may install additional packages).

Signed-off-by: Sonali Saha <sonali.saha@intel.com>

templates/redhat/ubi8-minimal/Dockerfile.build.template

@@ -10,7 +10,6 @@ COPY redhat-uep.pem /etc/rhsm/ca/
 # final image. This trick allows to decrease the image size by hundreds of MBs.
 RUN rm -rf /etc/rhsm-host \
     && rpm -ivh https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm \
-    && microdnf update -y \
     && microdnf install -y subscription-manager \
     && subscription-manager repos --enable codeready-builder-for-rhel-8-x86_64-rpms \
     && microdnf install -y \

templates/redhat/ubi8-minimal/Dockerfile.compile.template

@@ -8,7 +8,6 @@ COPY redhat-uep.pem /etc/rhsm/ca/
 # NOTE: meson v1.2.* has a bug that leads to Gramine build failure because of not found `libcurl.a`
 RUN rm -rf /etc/rhsm-host \
     && rpm -ivh https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm \
-    && microdnf update -y \
     && microdnf install -y subscription-manager \
     && subscription-manager repos --enable codeready-builder-for-rhel-8-x86_64-rpms \
     && microdnf install -y \

templates/redhat/ubi8-minimal/Dockerfile.sign.template

@@ -1,12 +1,14 @@
 {% extends "Dockerfile.common.sign.template" %}
 
+# Ideally, we would want to remove `openssl` and all its dependencies, but because of the slight
+# differences between different `openssl` package versions, it is hard to do in a uniform way (as
+# `openssl` installation may install additional packages).
 {% block uninstall %}
 RUN \
        pip3 uninstall -y click jinja2 \
           tomli tomli-w \
        && microdnf remove -y binutils \
           epel-release \
-          openssl \
           python3-cryptography \
           python3-protobuf \
           python3-pyelftools \