Self-signed certificates should include alternative names

Description

When generating security certificates, we now add the XMPP domain name as the subject. An Openfire service is identified by more values though, including:

  • it's component names (such as conference.<xmppdomain>)

  • it's fully qualified domain name (where the HTTP endpoints are exposed on)

These names should be added to the generated certificates in a "subject altnative name" extension, using dnsName records where appropriate.

Environment

None
Fixed

Assignee

Guus der Kinderen

Reporter

Guus der Kinderen

Labels

None

Expected Effort

None

Ignite Forum URL

None

Components

Fix versions

Priority

Major
Configure