Some test certificates were minted with a non-minimal representation of integers. This causes the Go TLS stack to reject them. We should re-mint them.

The malformed certificates are as follows:

• badSAN.pem
• client.pem
• client_revoked.pem
• localhostnameCN.pem
• localhostnameSAN.pem

Regenerating these certificates is a pre-requisite for re-enabling the tools testing in ssl_cert_password.js. When we re-enable this functionality, we should move the test logic to the tools suite.