Add Subject Alternative Names to self-siged certificate #30
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
When using the self-signed certificate generated by openssl for nginx, only the Common Name is used for validating requests.
This behaviour is deprecated and will be removed from certain libraries in the future:
Feature: Remove support for common names in certificates
Remove support for common names in certificates; only support Subject Alt Names
I have noticed this while using the REST API with the python requests library, which generated the following warning for each request:
![python-requests-warning](https://private-user-images.githubusercontent.com/46527450/314093290-cb1ebedd-9000-4cf5-9d1e-5415f78cad1a.jpg?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjE2MjY4OTYsIm5iZiI6MTcyMTYyNjU5NiwicGF0aCI6Ii80NjUyNzQ1MC8zMTQwOTMyOTAtY2IxZWJlZGQtOTAwMC00Y2Y1LTlkMWUtNTQxNWY3OGNhZDFhLmpwZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MjIlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzIyVDA1MzYzNlomWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPWIxNTQ3MjRkNTJmYWIzYmQxMDg4M2UzNmY5NDg5OTQ3MDkwYzcyMTI3NmIxOTFiODk3NjE0NDdhMDYxZjYwMjYmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.d1Sa0ZjwqCvTY2ss8D3Bub3mVEdhoZuUNndKjTxkAA4)
This commit does not delete existing certificates, only adds the SAN extension to newly generated ones.
I included:
Tested on debian 12 using the latest docker engine by docker.com