Don't fail if self-signed certificate can't be signed.

This makes Android Keystore's KeyPairGenerator fall back to generating
a self-signed certificate with an invalid/fake signature when the
attempt to generate a self-signed certificate with a valid signature
fails.

There is a growing number of reasons/authorizations due to which the
generated private key cannot be used to sign the self-signed
certificate. It's safer for KeyPairGenerator to succeed than to fail.

Bug: 22033161
Change-Id: I1ecbd421346166bfd536b5cfbaea169b11f0b1c8