test/openssl/test_ssl: fix illegal SAN extension

A certificate can only have one SubjectAltName extension. OpenSSL 3.0 performs a stricter validation and certificates containing multiple SANs will be rejected.
ruby · Oct 22, 2021 · 558cfbe · 558cfbe
1 parent 998406d
commit 558cfbe
Showing 1 changed file with 1 addition and 2 deletions.
diff --git a/test/openssl/test_ssl.rb b/test/openssl/test_ssl.rb
@@ -593,8 +593,7 @@ def test_post_connection_check
 
     exts = [
       ["keyUsage","keyEncipherment,digitalSignature",true],
-      ["subjectAltName","DNS:localhost.localdomain",false],
-      ["subjectAltName","IP:127.0.0.1",false],
+      ["subjectAltName","DNS:localhost.localdomain,IP:127.0.0.1",false],
     ]
     @svr_cert = issue_cert(@svr, @svr_key, 4, exts, @ca_cert, @ca_key)
     start_server { |port|