fix(test): Add Authority Key Identifier to SSL certificates

[oioki]

Fixes test_custom_certificate_authorities test failure after urllib3 2.6.3 bump.

urllib3 2.6.x enforces stricter X.509 validation requiring proper SubjectKeyIdentifier and AuthorityKeyIdentifier extensions per RFC 5280.

Key changes:

.add_extension(
    x509.SubjectKeyIdentifier.from_public_key(ca_key.public_key()),
    critical=False,
)
.add_extension(
    x509.AuthorityKeyIdentifier.from_issuer_subject_key_identifier(
        ca_cert.extensions.get_extension_for_class(x509.SubjectKeyIdentifier).value
    ),
    critical=False,
)

[github-actions]

Semver Impact of This PR

🟢 Patch (bug fixes)

📋 Changelog Preview

This is how your changes will appear in the changelog.
Entries from this PR are highlighted with a left border (blockquote style).

---

Bug Fixes 🐛

• (test) Add Authority Key Identifier to SSL certificates by oioki in #4162

Internal Changes 🔧

Deps

• Bump getsentry/action-release from 3.4.0 to 3.5.0 by dependabot in #4133
• Bump actions/checkout from 6.0.0 to 6.0.2 by dependabot in #4155
• Bump actions/setup-python from 6.1.0 to 6.2.0 by dependabot in #4154
• Bump getsentry/craft from 2.19.0 to 2.20.1 by dependabot in #4152
• Bump actions/setup-node from 6.1.0 to 6.2.0 by dependabot in #4153
• Bump astral-sh/setup-uv from 7.1.6 to 7.2.0 by dependabot in #4132
• Bump codecov/test-results-action from 1.1.1 to 1.2.1 by dependabot in #4115
• Bump codecov/codecov-action from 5.5.1 to 5.5.2 by dependabot in #4102
• Bump urllib3 from 2.5.0 to 2.6.3 by dependabot in #4150

Other

• Fix changelog-preview for external contributors by BYK in #4158

Other

• Allow configuring Sentry taskworker concurrency via env by madest92 in #4149

---

_{🤖 This preview updates automatically when you update the PR.}