Add critical extension to only SAN

Signed-off-by: SpectralHiss <houssem.elfekih@jetstack.io>

test/e2e/suite/certificates/othernamesan.go

@@ -145,8 +145,9 @@ var _ = framework.CertManagerDescribe("othername san processing", func() {
 			val, err := asn1.Marshal(generalNames)
 			Expect(err).To(BeNil())
 			return pkix.Extension{
-				Id:    oidExtensionSubjectAltName,
-				Value: val,
+				Id:       oidExtensionSubjectAltName,
+				Value:    val,
+				Critical: true,
 			}
 		}
 		expectedSanExtension := mustMarshalSAN([]asn1.RawValue{

test/e2e/suite/conformance/certificates/tests.go

@@ -304,8 +304,9 @@ func (s *Suite) Define() {
 					val, err := asn1.Marshal(generalNames)
 					Expect(err).To(BeNil())
 					return pkix.Extension{
-						Id:    oidExtensionSubjectAltName,
-						Value: val,
+						Id:       oidExtensionSubjectAltName,
+						Value:    val,
+						Critical: true, // Since there is no subject the SAN extension is critical
 					}
 				}
 				nameTypeEmail := 1