Additonal tests for certificate consistency on update cmds

[touilleMan]

APIv4 has modified the way we upload certificates:

All commands related to modification now must ensure causality with the certificates
(and also vlobs) already in the server. For this two errors can be returned:

• status: bad_timestamp: "Out of ballpark" error, the clock between client and server
  is broken (in API<v4 this error was not differentiate from the certificate is invalid,
  which is bad given we most likely want to explain to the user that his clock is wrong)
• status: require_greater_timestamp: causality error

Impacted commands:

• pki_enrollment_accept
• realm_update_roles
• user_create
• user_revoke
• realm_create
• user_update
• vlob_create
• vlob_update

This is some pretty sensitive stuff, so we need extra tests on those points !

Make sure on insertion, new certificate creation date > latest certif creation date.
So strictly greater, otherwise created_after param in certificate_get may skip
some certificates that append in the same timestamp (need to add tests to check that !)

Related to #4552

[touilleMan]

done.