🐛Fix certwatcher test to be backwards compatible

[m-messiah]

#3020 improved the certwatcher test to check not only the privatekeys, but the certificate data too.
The test was using cert.Leaf field that is populated since Go 1.23 only (which is used in the main branch), so fails in the release-0.19 #3023.

The PR updates the test to use certificate comparison that should work in all previous versions of Go properly.

Note, it checks Certificate[0] which might be wrong in broken chains, but this is the default behavior of tls.X509KeyPair - it always parses the first certificate only. And also note, that there is no need in len checks as the certificate is guaranteed to be present, otherwise Parse would return error earlier.

[k8s-ci-robot]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: m-messiah
Once this PR has been reviewed and has the lgtm label, please assign joelanford for approval. For more information see the Kubernetes Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[vincepri]

Included this commit in #3023

/close

[k8s-ci-robot]

@vincepri: Closed this PR.

In response to this:

Included this commit in #3023

/close

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.