test: update certs for TestHTTPSIngress

[randmonkey]

What this PR does / why we need it:

The certificates in tlsPairs used in test cases TestHTTPSIngress and TestTCPIngressTLSPassthrough are expired, and the SANs inside does not match the hostname we used. This causes TLS failure against kong gateway image kong/kong-gateway-dev:2.8.4.2-rc1. To prevent the failures, we generated new certificates, and moved them into a single file.

Which issue this PR fixes:

fixes #4257

Special notes for your reviewer:

In this PR, we generated new certificates with the following settings:
tlsPairFooExample:

[ req ]
default_bits = 2048
prompt = no
default_md = sha256
req_extensions = req_ext
distinguished_name = dn

[ dn ]
C = US
ST = California
L = San Fransisco
O = Kong Inc
OU = team kubernetes
CN = foo.example

[ req_ext ]
subjectAltName = @alt_names

[ alt_names ]
DNS.1 = foo.example

tlsPairBarExample:

[ req ]
default_bits = 2048
prompt = no
default_md = sha256
req_extensions = req_ext
distinguished_name = dn

[ dn ]
C = US
ST = California
L = San Fransisco
O = Kong Inc
OU = team kubernetes
CN = bar.example

[ req_ext ]
subjectAltName = @alt_names

[ alt_names ]
DNS.1 = bar.example

PR Readiness Checklist:

Complete these before marking the PR as ready to review:

• the CHANGELOG.md release notes have been updated to reflect any significant (and particularly user-facing) changes introduced by this PR

[codecov]

Codecov Report

Patch coverage has no change and project coverage change: -0.2 ⚠️

Comparison is base (4f933ab) 62.9% compared to head (5602443) 62.7%.

Additional details and impacted files

@@           Coverage Diff           @@
##            main   #4261     +/-   ##
=======================================
- Coverage   62.9%   62.7%   -0.2%     
=======================================
  Files        154     154             
  Lines      17125   17125             
=======================================
- Hits       10773   10740     -33     
- Misses      5667    5699     +32     
- Partials     685     686      +1     

see 3 files with indirect coverage changes

☔ View full report in Codecov by Sentry.
📢 Do you have feedback about the report comment? Let us know in this issue.

[programmer04]

There is issue #4118 for unifying dealing with certificates in tests, you can see in it that in our tests in one place certificates are created for each run

[randmonkey]

There is issue #4118 for unifying dealing with certificates in tests, you can see in it that in our tests in one place certificates are created for each run

@programmer04 So the suggested solution is to extract the generateSelfSignedCert function in #4058 into a general helper function?

[programmer04]

I think it would be nice to have just one implementation for all tests. I saw that you're touching this code, so I linked the issue to spread awareness. Generating certs on the fly ensures that nothing unexpected is encoded in the cert blob, you have knobs to configure it. WDYT?

[pmalek]

I think it would be nice to have just one implementation for all tests.

+1

[randmonkey]

close this because we have #4271.