Update kafka certificates to include SANS #50119

Merged
khushijain21 merged 1 commit into elastic:main from khushijain21:update-kafka-certs
Apr 14, 2026

khushijain21 commented Apr 14, 2026

Proposed commit message

This PR updates the certificates used inside the kafka container to use SANs.

Checklist

  • My code follows the style guidelines of this project
  • I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the documentation
  • I have made corresponding change to the default configuration files
  • I have added tests that prove my fix is effective or that my feature works. Where relevant, I have used the stresstest.sh script to run them under stress conditions and race detector to verify their stability.
  • I have added an entry in ./changelog/fragments using the changelog tool.

Disruptive User Impact

None

Related issues

botelastic bot added the needs_team label Apr 14, 2026
@github-actions

🤖 GitHub comments

Just comment with:

  • run docs-build : Re-trigger the docs validation. (use unformatted text in the comment!)


mergify bot commented Apr 14, 2026

This pull request does not have a backport label.
If this is a bug or security fix, could you label this PR @khushijain21? 🙏.
For such, you'll need to label your PR with:

  • The upcoming major version of the Elastic Stack
  • The upcoming minor version of the Elastic Stack (if you're not pushing a breaking change)

To fixup this pull request, you need to add the backport labels for the needed
branches, such as:

  • backport-8./d is the label to automatically backport to the 8./d branch. /d is the digit
  • backport-active-all is the label that automatically backports to all active branches.
  • backport-active-8 is the label that automatically backports to all active minor branches for the 8 major.
  • backport-active-9 is the label that automatically backports to all active minor branches for the 9 major.

khushijain21 added the Team:Elastic-Agent-Data-Plane label Apr 14, 2026
botelastic bot removed the needs_team label Apr 14, 2026
khushijain21 added the needs_team and backport-9.4 labels Apr 14, 2026
botelastic bot removed the needs_team label Apr 14, 2026
khushijain21 marked this pull request as ready for review April 14, 2026 11:26
khushijain21 requested a review from a team as a code owner April 14, 2026 11:26
@elasticmachine

Pinging @elastic/elastic-agent-data-plane (Team:Elastic-Agent-Data-Plane)

khushijain21 requested a review from faec April 14, 2026 11:27

coderabbitai bot commented Apr 14, 2026

No actionable comments were generated in the recent review. 🎉

📥 Commits

Reviewing files that changed from the base of the PR and between 323f731 and bf28bce.

📒 Files selected for processing (5)
  • testing/environments/docker/kafka/README.md
  • testing/environments/docker/kafka/certs/broker-cert
  • testing/environments/docker/kafka/certs/broker-cert-signed
  • testing/environments/docker/kafka/certs/broker.keystore.jks
  • testing/environments/docker/kafka/certs/ca-cert.srl

📝 Walkthrough

Kafka broker certificate generation in the Docker testing environment was updated. The README instructions were modified to use keytool -genkeypair with explicit parameters including 2048-bit key size, distinguished name configuration, and Subject Alternative Names. The OpenSSL signing command was expanded to include certificate extensions for subjectAltName, keyUsage, and extendedKeyUsage. The generated certificate files (broker-cert, broker-cert-signed) and the certificate serial number tracker (ca-cert.srl) were regenerated accordingly.

Comment @coderabbitai help to get the list of available commands and usage tips.
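
Added example (not part of this PR or of the Beats code base): Go's crypto/x509 matches a server hostname only against subjectAltName entries and ignores the subject CommonName, so even a CA-signed broker certificate is rejected by a Go client when it carries no SANs. The throwaway CA, the names `kafka` and `localhost`, and the key-usage values are assumptions made for this demonstration.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// newCert issues a certificate with a fresh 2048-bit RSA key; a nil parent yields a constructed self-signed CA.
func newCert(cn string, sans []string, parent *x509.Certificate, signer *rsa.PrivateKey) (*x509.Certificate, *rsa.PrivateKey, error) {
	key, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, nil, err
	}
	t := &x509.Certificate{SerialNumber: big.NewInt(time.Now().UnixNano()), Subject: pkix.Name{CommonName: cn},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(24 * time.Hour), DNSNames: sans, // SAN
		KeyUsage: x509.KeyUsageDigitalSignature, ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth}} // assumed usages
	if parent == nil { // throwaway CA: may sign certificates, signs itself
		t.IsCA, t.BasicConstraintsValid, t.KeyUsage, t.ExtKeyUsage = true, true, x509.KeyUsageCertSign, nil
		parent, signer = t, key
	}
	der, err := x509.CreateCertificate(rand.Reader, t, parent, &key.PublicKey, signer)
	if err != nil {
		return nil, nil, err
	}
	c, err := x509.ParseCertificate(der)
	return c, key, err
}

// verifyBroker returns the error a Go client gets when checking a CA-signed broker certificate for host.
func verifyBroker(cn string, sans []string, host string) error {
	ca, caKey, err := newCert("constructed-test-ca", nil, nil, nil)
	if err != nil {
		return err
	}
	leaf, _, err := newCert(cn, sans, ca, caKey)
	if err != nil {
		return err
	}
	roots := x509.NewCertPool()
	roots.AddCert(ca)
	_, err = leaf.Verify(x509.VerifyOptions{Roots: roots, DNSName: host})
	return err
}

func main() { fmt.Println(verifyBroker("kafka", nil, "kafka")) }
```

main prints the rejection for the CN-only certificate; calling verifyBroker with a SAN list that contains the host returns nil.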

khushijain21 merged commit 2c2ef29 into elastic:main Apr 14, 2026
195 of 202 checks passed
mergify bot pushed a commit that referenced this pull request Apr 14, 2026
khushijain21 added a commit that referenced this pull request Apr 15, 2026
(cherry picked from commit 2c2ef29)

Co-authored-by: Khushi Jain <khushi.jain@elastic.co>