
Docs on automatic TLS rotation recommend settings that result in linkerd check warnings #1502

Open
philomory opened this issue Sep 23, 2022 · 0 comments


philomory commented Sep 23, 2022

The documentation for automatically rotating control plane and webhook TLS credentials gives recommended settings that result in certificates that are valid for only 48 or 24 hours, respectively.

This is perfectly fine (great, even), because cert-manager will automatically manage issuing replacements (that's the whole point). However, it does mean that once you've set this up, `linkerd check` will always issue a warning because your certificates have less than 60 days left before they expire, for example:

```
√ issuer cert is within its validity period
‼ issuer cert is valid for at least 60 days
    issuer certificate will expire on 2022-09-24T13:35:07Z
    see https://linkerd.io/2.12/checks/#l5d-identity-issuer-cert-not-expiring-soon for hints
```

The documentation should probably call out that this will be the case. Optionally, the documentation could instead recommend certificates that are valid for longer (61 days?) and get replaced when they have 60 days remaining, to avoid the warnings.

(I'm aware that the troubleshooting documentation linked in the warning says, "if you do not rely on external certificate management solution such as cert-manager..."; I'm referring to the docs about setting up the external certificate management in the first place)
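
The interaction described in the issue above can be predicted from a certificate's `duration` and `renewBefore` settings. The following is an added example, not code from the issue, the Linkerd docs or cert-manager; the function names are hypothetical, the `renewBefore` values in the comments and test inputs are constructed, and it assumes the certificate is replaced exactly when `renewBefore` remains.

```python
import re
from datetime import timedelta

# Threshold from the warning quoted in the issue ("valid for at least 60 days").
CHECK_THRESHOLD = timedelta(days=60)

_UNIT_SECONDS = {"h": 3600, "m": 60, "s": 1}


def parse_duration(text):
    """Parse a Go-style duration such as '48h' or '1h30m' (h/m/s units only)."""
    parts = re.findall(r"(\d+)([hms])", text)
    # Reject anything the simple pattern did not consume in full.
    if not parts or "".join(n + u for n, u in parts) != text:
        raise ValueError(f"unsupported duration: {text!r}")
    return timedelta(seconds=sum(int(n) * _UNIT_SECONDS[u] for n, u in parts))


def predict_check(duration, renew_before):
    """Classify how the 60-day expiry check behaves over one certificate lifetime.

    Assumption: rotation happens exactly when `renew_before` of validity remains.
    """
    life = parse_duration(duration)
    renew = parse_duration(renew_before)
    if renew >= life:
        raise ValueError("renewBefore must be shorter than duration")
    if life < CHECK_THRESHOLD:
        # Even a freshly issued certificate has fewer than 60 days left.
        return "always-warns"
    if renew >= CHECK_THRESHOLD:
        # Replaced before the remaining validity can drop below 60 days.
        return "never-warns"
    # Passes when fresh, then warns from the 60-day mark until rotation.
    return "warns-before-renewal"


if __name__ == "__main__":
    # Constructed sample settings: (duration, renewBefore).
    for settings in [("48h", "25h"), ("24h", "1h"),
                     ("1464h", "1440h"), ("2160h", "720h")]:
        print(settings, "->", predict_check(*settings))
```
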
