
test: update CRL certs to comply with intent validation #5651

Merged
CarolYeh910 merged 2 commits into aws:main from CarolYeh910:update-crl-certs
Dec 9, 2025


@CarolYeh910 CarolYeh910 commented Dec 4, 2025

Goal

Update the CRL test certs to be compatible with the intent validation

Why

Enabling certificate intent validation by default means that all of our existing tests will have this validation enabled. Currently, the CRL certs lack a valid intent for server authentication, which means that the CRL tests will be broken if we add the new validation. This PR will fix the test failure.

How

In openssl.conf, replace the Extended Key Usage emailProtection with serverAuth and regenerate the test certs. The [ server_cert ] section was unused so I deleted it.

Testing

Existing CI should pass. I also added this commit to #5657 via git cherry-pick to verify the updated certs resolved the s2n_crl_test failure.

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
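
The effect of the EKU swap described under "How", reproduced with a throwaway CA as an added example (not part of this PR or of the s2n-tls test PKI). OpenSSL's `-purpose sslserver` check stands in for intent validation here; the config sections, subjects and file names are constructed.

```shell
#!/bin/sh
# Added illustration, not from the s2n-tls repository. Subjects, section names
# and file names are constructed for this example.
#
# eku_verifies EKU: issue a throwaway leaf whose only Extended Key Usage is EKU
# and check it with `openssl verify -purpose sslserver`.
# Returns 0 if accepted for TLS server use, 1 if rejected, 2 if setup failed.
eku_verifies() {
    eku=$1
    dir=$(mktemp -d) || return 2

    # Constructed config: a CA section plus a leaf section with the EKU under test.
    cat > "$dir/pki.cnf" <<EOF
[ req ]
distinguished_name = dn
x509_extensions = v3_ca
prompt = no
[ dn ]
CN = Constructed Test CA
[ v3_ca ]
basicConstraints = critical,CA:TRUE
keyUsage = critical,keyCertSign,cRLSign
[ leaf ]
basicConstraints = CA:FALSE
keyUsage = critical,digitalSignature
extendedKeyUsage = $eku
EOF

    rc=2
    if openssl req -x509 -newkey rsa:2048 -nodes -days 1 -config "$dir/pki.cnf" \
           -keyout "$dir/ca.key" -out "$dir/ca.crt" >/dev/null 2>&1 &&
       openssl req -new -newkey rsa:2048 -nodes -config "$dir/pki.cnf" \
           -subj "/CN=constructed-leaf" -keyout "$dir/leaf.key" -out "$dir/leaf.csr" >/dev/null 2>&1 &&
       openssl x509 -req -in "$dir/leaf.csr" -days 1 \
           -CA "$dir/ca.crt" -CAkey "$dir/ca.key" -CAcreateserial \
           -extfile "$dir/pki.cnf" -extensions leaf -out "$dir/leaf.crt" >/dev/null 2>&1
    then
        # The purpose check is the step that rejects a leaf lacking serverAuth.
        if openssl verify -CAfile "$dir/ca.crt" -purpose sslserver \
               "$dir/leaf.crt" >/dev/null 2>&1
        then rc=0; else rc=1; fi
    fi
    rm -rf "$dir"
    return $rc
}

for eku in emailProtection serverAuth; do
    if eku_verifies "$eku"; then echo "$eku: accepted"; else echo "$eku: rejected or setup failed"; fi
done
```

Both leaves chain to the same CA and differ only in `extendedKeyUsage`, so the differing verdicts come from the purpose check alone.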

@github-actions github-actions bot added the s2n-core team label Dec 4, 2025

jouho commented Dec 8, 2025

Have you tested the updated certs work with "Enabling certificate intent validation by default" change?
It might be a good idea to link to a draft PR that includes both the behavior change + cert updates, to show the updated certs will fix/not break the tests

@CarolYeh910
Contributor Author

> Have you tested the updated certs work with "Enabling certificate intent validation by default" change? It might be a good idea to link to a draft PR that includes both the behavior change + cert updates, to show the updated certs will fix/not break the tests

Ah, I did run the tests locally to ensure the updated certs fixed the test failure. Forgot to mention this in the PR description 🥲 The next PR that enables intent validation is like 700 lines of change excluding these test certs, so I just split it up. I can open it now to verify the cert changes if needed~

@CarolYeh910 CarolYeh910 enabled auto-merge December 9, 2025 18:32
@CarolYeh910 CarolYeh910 added this pull request to the merge queue Dec 9, 2025
Merged via the queue into aws:main with commit 314c75d Dec 9, 2025
55 checks passed
@CarolYeh910 CarolYeh910 deleted the update-crl-certs branch December 9, 2025 19:16