Fix Helm chart enableSecurity flag (#4537)

Fix Helm chart enableSecurity flag:

- Add parameter for whether to use v1alpha cert-manager CRDs, default off.
- Use self-signed Issuer only for the initial CA certificates, create a new
  Issuer that uses the generated CA certificate and use that for all the others

k8s/charts/seaweedfs/templates/cert-caissuer.yaml

@@ -0,0 +1,10 @@
+{{- if .Values.global.enableSecurity }}
+apiVersion: cert-manager.io/v1{{ if .Values.global.certificates.alphacrds }}alpha1{{ end }}
+kind: Issuer
+metadata:
+  name: {{ template "seaweedfs.name" . }}-ca-issuer
+  namespace: {{ .Release.Namespace }}
+spec:
+  ca:
+    secretName: {{ template "seaweedfs.name" . }}-ca-cert
+{{- end }}