investigate the need of OPENSSL_ENABLE_SHA1_SIGNATURES=1 in npm cover and npm test

[smokhov]

On some distributions (e.g., RH-derivative EL9, such as AlmaLinux 9), SHA1 is deprecated by default and running e.g. npm run cover (and presumably npm run test) fails with:

  1) WSSecurityCert
       should use rsa-sha1 signature method when the signatureAlgorithm option is set to WSSecurityCert:
     Error: error:03000098:digital envelope routines::invalid digest
      at Sign.sign (node:internal/crypto/sig:128:29)
      at node-soap/node_modules/xml-crypto/lib/signature-algorithms.js:11:32
      at RsaSha1.getSignature (node_modules/xml-crypto/lib/types.js:52:20)
      at SignedXml.calculateSignatureValue (node_modules/xml-crypto/lib/signed-xml.js:327:42)
      at SignedXml.computeSignature (node_modules/xml-crypto/lib/signed-xml.js:763:18)
      at WSSecurityCert.postProcess (lib/security/WSSecurityCert.js:2:10622)
      at Context.<anonymous> (test/security/WSSecurityCert.js:285:26)
      at process.processImmediate (node:internal/timers:483:21)

Running it as OPENSSL_ENABLE_SHA1_SIGNATURES=1 npm run cover makes it pass. Going into the future, either both targets in package.json should have this env var, esp. when GitHub Actions switches to Ubuntu 24 soon(tm), or the test should migrate to a newer algorithm.