fix: Skip host checks for certs with invalid DNS names

[juselius]

Kubernetes system certs have a CN which is not a vaild DNS name (e.g. system:kube-proxy). The hostname check always fails for kubernetes system certs, causing them to be regenerated every 30m, causing trouble.

[ttrssreal]

Also running into this