Support subject alternative URIs when generating cryptographic certificates.

[orendain]

Resolves https://github.com/Masterminds/sprig/issues/340.

Note: In its current form, this PR breaks current behavior by requiring a new argument for cryptographic functions. How would Sprig maintainers prefer this be adjusted, if at all?

For convenience and reference, I'll include a snippet of https://github.com/Masterminds/sprig/issues/340 here:

---

Cryptographic Sprig functions (e.g., genSelfSignedCert, genSelfSignedCertWithKey, etc.) currently support clients passing in optional lists of IPs and alternate DNS names.

I propose that these same cryptographic functions may also support clients passing in subject alternative URIs.

The crypto x509 package's Certificate (which Sprig relies on) supports specifying URI subject alternative names, as written in RFC5280:

The subject alternative name extension allows identities to be bound to the subject of the certificate. These identities may be included in addition to or in place of the identity in the subject field of the certificate. Defined options include an Internet electronic mail address, a DNS name, an IP address, and a Uniform Resource Identifier (URI).

URIs are essential to the SPIFFE standard, where:

In an X.509 SVID, the corresponding SPIFFE ID is set as a URI type in the Subject Alternative Name extension