Issue #703 bugfix (#711)

* Ensures that both AKI serial/issue _and_ keyid won't be included.
Validation issues crop up if both types of AKI fields are present.

* Ensure that SAN extension includes the certificate's common name

* Fix scenario where subAltNames are getting dropped when applying a template

* Ensure that SAN includes the CN

* Ensuring that getting here without a SAN extension won't break things.

* New cleaner approach

* Some bits of handling the extensions are a bit hacky, requiring access to attributes inside the objects in x509.
I think this is pretty clean though.

* lintian check

* Fixing tests

lemur/static/app/angular/certificates/services.js

@@ -107,10 +107,15 @@ angular.module('lemur')
           });
         },
         useTemplate: function () {
-          var saveSubAltNames = {};
-          if (this.extensions && this.extensions.subAltNames) {
-            saveSubAltNames = this.extensions.subAltNames;
+          if (this.extensions === undefined) {
+            this.extensions = {};
           }
+
+          if (this.extensions.subAltNames === undefined) {
+            this.extensions.subAltNames = {'names': []};
+          }
+
+          var saveSubAltNames = this.extensions.subAltNames;
           this.extensions = this.template.extensions;
           this.extensions.subAltNames = saveSubAltNames;
         },