Explicitly fail cert on service when secret is not of type TLS

[AdlerFleurant]

Secrets type cannot be change when a cert is requested on a passthrough, if a secret already exist and isn't of type TLS. The service secret cannot be set. The cert operator will fail and will retry in loop to set a new cert on the service.

The solution that will be applied is to check for the secret type if it exist and if it's not of type TLS mark the service cert request as failed.