The default certs in the Docker section of the repo lack the Subject Alternative Name attribute which is supposed to be used to match the hostname. RFC2818 deprecated comparing against the CN in 2000, and clients are slowly catching up - so one day this test suite will probably start breaking things. :)
This PR provides an updated cert generation script which adds the missing attribute, while trying to remain as portable as possible. Because the hostname appears in two places, the script takes it as a command-line parameter and fails if the parameter is missing (otherwise runs completely non-interactively). The PR also regenerates the key/cert pairs using the updated script.
The default certs in the Docker section of the repo lack the Subject Alternative Name attribute which is supposed to be used to match the hostname. RFC2818 deprecated comparing against the CN in 2000, and clients are slowly catching up - so one day this test suite will probably start breaking things. :)
This PR provides an updated cert generation script which adds the missing attribute, while trying to remain as portable as possible. Because the hostname appears in two places, the script takes it as a command-line parameter and fails if the parameter is missing (otherwise runs completely non-interactively). The PR also regenerates the key/cert pairs using the updated script.