Sign CSRs - subjectAlternateNames
with #7383 PFSense got the ability to sign arbitrary CSRs.
With browsers moving to only use `subjectAlternateName` when validating certificates, the new form should probably also contain the option to specify alternate names or, alternatively, read them from the CSR and suggest them by default.
Right now, a pasted CSR gets signed, but there's no way to specify SANs nor are the SANs from the CSR being copied.
Add the ability to set certificate type and SAN attributes in a CSR. Ticket #7527
TODO: They are not carried over after signing in the GUI
Restructure how certificate types and SANs are handled in the cert manager when making a Cert/CSR/Signing, so each section can properly use the controls without duplicating. It is now possible to add SANs and EKUs to certificates when signing using the certificate manager. Fixes #7527 and also Fixes #7677
NOTE: Attributes such as SANs and KU/EKU cannot be copied from a CSR when signing due to a deficiency in OpenSSL's x509 functions (they do not support "copy_extensions" at this time). They must be specified manually.