Test 4 for FDP_CER_EXT.1.1 as written violates AGD guidance.

Test 4 for FDP_CER_EXT.1.1 is modified as follows:

Test 4: For each extendedKeyUsage value defined in section 4.2.1.12 of RFC 5280, the evaluator shall attempt to configure a certificate profile with each inconsistent keyUsage for that extendedKeyUsage field. If the CA rejects the attempt to create such a profile, then the test succeeds. If the creation of such a profile is allowed within the constraints of the AGD, the evaluator shall submit a certificate request using the profile, and show that the TSF does not issue the certificate.

Test 4 should is rewritten to ensure AGD guidance is not violated