Fix Helm chart enableSecurity flag (#4537)

Fix Helm chart enableSecurity flag:

- Add parameter for whether to use v1alpha cert-manager CRDs, default off.
- Use self-signed Issuer only for the initial CA certificates, create a new
  Issuer that uses the generated CA certificate and use that for all the others

k8s/charts/seaweedfs/templates/ca-cert.yaml

@@ -1,5 +1,5 @@
 {{- if .Values.global.enableSecurity }}
-apiVersion: certmanager.k8s.io/v1alpha1
+apiVersion: cert-manager.io/v1{{ if .Values.global.certificates.alphacrds }}alpha1{{ end }}
 kind: Certificate
 metadata:
   name: {{ template "seaweedfs.name" . }}-ca-cert