This change generates the certificate subject key identifier using the recommended method in the RFC 5280 section 4.2.1.2.
This wrapper generates some data if needed and cleans key usages in templates.