TcpServerUtils.pm: generate a better certificate (Forum #124874)

git-svn-id: https://svn.fhem.de/fhem/trunk@25358 2b470e98-0d58-463d-a4d8-8e2adae1ed80

fhem/FHEM/TcpServerUtils.pm

@@ -188,8 +188,31 @@ TcpServer_SetSSL($)
       Log 1, "$name: failed to create certreq.txt: $!, falling back to HTTP";
       return;
     }
-    print FH "[ req ]\nprompt = no\ndistinguished_name = dn\n\n".
-             "[ dn ]\nC = DE\nO = FHEM\nCN = home.localhost\n\n";
+    my $hostname = `hostname`;
+    chomp($hostname);
+    print FH << "EOF";
+[ req ]
+prompt = no
+distinguished_name = dn
+x509_extensions = ext
+
+[ dn ]
+CN = $hostname
+O = FHEM
+OU = localhost
+
+[ ext ]
+basicConstraints=CA:TRUE
+extendedKeyUsage = serverAuth
+subjectAltName=\@san
+
+[san]
+DNS.1=localhost
+DNS.2=$hostname
+IP.1=127.0.0.1
+IP.2=::1
+EOF
+
     close(FH);
 
     my $cmd = "openssl req -new -x509 -days 3650 -nodes -newkey rsa:2048 ".