Add SSL tests for certificates with embedded SCTs

The only SSL tests prior to this tested using certificates with no
embedded Signed Certificate Timestamps (SCTs), which meant they couldn't
confirm whether Certificate Transparency checks in "strict" mode were
working.

These tests reveal a bug in the validation of SCT timestamps, which is
fixed by the next commit.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3260)