From 2e296311bce55cb8fca4ea2aa77c91dba6e885c6 Mon Sep 17 00:00:00 2001
From: Michael Wolf <mwolf@cloudflare.com>
Date: Thu, 26 Oct 2023 15:36:50 -0700
Subject: [PATCH] Replace testdata cert with a certificate that includes a CN

When attempting to build redoctober with a modern version of go
I was getting the following error in the tests:

x509: certificate relies on legacy Common Name field, use SANs

In looking at the existing test certificate, it is indeed
missing a SAN as it was probably generated as a oneliner with
the openssl CLI

```
   Issuer: C = US, ST = CA, L = Everywhere, O = Internet Widgits Pty Ltd, CN = localhost
   Validity
       Not Before: Oct 12 12:19:40 2016 GMT
       Not After : Sep 18 12:19:40 2116 GMT
   Subject: C = US, ST = CA, L = Everywhere, O = Internet Widgits Pty Ltd, CN = localhost
   Subject Public Key Info:
       Public Key Algorithm: rsaEncryption
           Public-Key: (2048 bit)
           Modulus:
              ...
           Exponent: 65537 (0x10001)
```

This remedies the issue by generating a new self-signed test
certificate which does include a SAN
```
$ cat cert.conf
[CA_default]
copy_extensions = copy

[req]
default_bits = 4096
prompt = no
default_md = sha256
distinguished_name = req_distinguished_name
x509_extensions = v3_ca

[req_distinguished_name]
C = US
ST = CA
L = Everywhere
O = Internet Widgits Pty Ltd
CN = localhost

[v3_ca]
basicConstraints = CA:FALSE
keyUsage = digitalSignature, keyEncipherment
subjectAltName = @alternate_names

[alternate_names]
DNS.1 = localhost
DNS.2 = *.localhost
DNS.3 = app.localhost

$ openssl req -x509 -newkey rsa:4096 -sha256 -utf8 -days 36500 -nodes -config cert.conf -keyout testdata/server.pem -out testdata/server.crt
...
$ cat testdata/server.crt | openssl x509 -noout -text
   Issuer: C = US, ST = CA, L = Everywhere, O = Internet Widgits Pty Ltd, CN = localhost
   Validity
       Not Before: Oct 26 22:33:24 2023 GMT
       Not After : Oct  2 22:33:24 2123 GMT
   Subject: C = US, ST = CA, L = Everywhere, O = Internet Widgits Pty Ltd, CN = localhost
   Subject Public Key Info:
       Public Key Algorithm: rsaEncryption
           Public-Key: (4096 bit)
           Modulus:
              ...
           Exponent: 65537 (0x10001)
   X509v3 extensions:
       X509v3 Basic Constraints:
           CA:FALSE
       X509v3 Key Usage:
           Digital Signature, Key Encipherment
       X509v3 Subject Alternative Name:
           DNS:localhost, DNS:*.localhost, DNS:app.localhost
       X509v3 Subject Key Identifier:
           1B:9B:11:0E:14:2E:D6:7D:57:4F:5D:29:CB:5B:16:01:80:34:9C:0A
```

This allows the tests to complete without running into that x509
exception or needing to set a flag in the build args to ignore it
---
 testdata/server.crt | 49 +++++++++++++++++-----------
 testdata/server.pem | 79 +++++++++++++++++++++++++++++----------------
 2 files changed, 83 insertions(+), 45 deletions(-)

diff --git a/testdata/server.crt b/testdata/server.crt
index a6c1ed8..18daf46 100644
--- a/testdata/server.crt
+++ b/testdata/server.crt
@@ -1,20 +1,33 @@
 -----BEGIN CERTIFICATE-----
-MIIDSjCCAjICCQCPi3Zin7S81jANBgkqhkiG9w0BAQsFADBmMQswCQYDVQQGEwJV
-UzELMAkGA1UECAwCQ0ExEzARBgNVBAcMCkV2ZXJ5d2hlcmUxITAfBgNVBAoMGElu
-dGVybmV0IFdpZGdpdHMgUHR5IEx0ZDESMBAGA1UEAwwJbG9jYWxob3N0MCAXDTE2
-MTAxMjEyMTk0MFoYDzIxMTYwOTE4MTIxOTQwWjBmMQswCQYDVQQGEwJVUzELMAkG
-A1UECAwCQ0ExEzARBgNVBAcMCkV2ZXJ5d2hlcmUxITAfBgNVBAoMGEludGVybmV0
-IFdpZGdpdHMgUHR5IEx0ZDESMBAGA1UEAwwJbG9jYWxob3N0MIIBIjANBgkqhkiG
-9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5MncJln7nlMj6Z+/vDfECOVLhyo7aBzyNA6R
-Ywx5J3s/ukRTdI4DWZYDu8Od3oy2VX+xbLP39mBZeTRFSYYAz5gSl1mz6Lbvj2uH
-vR9EgX7bAiRsLLVFzTRwCgimyCVO8Cog5IhVfaTkM4ERvVTzvy+6/qQn2XOsDjzG
-3FDhchU+hNflri1j2hqyUH1p5pHG4wkeLLlhylDXGemk+mRsxUWZmZsPOYpSQoHM
-108rEAMASxQ8YHvhPynvYoptNdtmdM8XHKw0w181/cO5ORFzFYJCA1rrxfyhNe5P
-Ufs9WCDbXfOxe6WQ6mFQiplNffGBv8RAcgz8RmBPK9n4p1pwMQIDAQABMA0GCSqG
-SIb3DQEBCwUAA4IBAQC70dOBTcY1vbqiMq3ojSzPrw37ZwOytFdT4f67QGU5Vxhs
-tdwoO0T7p/YePn8/+3dKPVhOdTPoTHyLf8SQ9n2EMGN9g2tDovjsdynX6Pqc3xxi
-6w2xT8U/LCeq4VTMaI7hBWqh5nNGUqeJxkotNASCN9hKnZxo1qXhc1tuZNy4U9Dd
-c/Xn1WU0FR2s9IC6EpkSHn9qm/vx7wX9AtXxXbI74UQff2SYa4EoqHTM3YAx4d8g
-ZoxcKoZa4JJzJIWNVPQ4bKc2DkaxjwRySpKYPOG5MTwx0O4UWn65dlPD+sOUX2go
-ITqeyFA5PONg9Gp5pBFNWkzItYyJGPEsvENHGBJq
+MIIFxzCCA6+gAwIBAgIUb5RgXYC0k9BJSzlY2tYwW+fOmKcwDQYJKoZIhvcNAQEL
+BQAwZjELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAkNBMRMwEQYDVQQHDApFdmVyeXdo
+ZXJlMSEwHwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQxEjAQBgNVBAMM
+CWxvY2FsaG9zdDAgFw0yMzEwMjYyMjMzMjRaGA8yMTIzMTAwMjIyMzMyNFowZjEL
+MAkGA1UEBhMCVVMxCzAJBgNVBAgMAkNBMRMwEQYDVQQHDApFdmVyeXdoZXJlMSEw
+HwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQxEjAQBgNVBAMMCWxvY2Fs
+aG9zdDCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAM8FKWPbmHOQvWYx
+/nbGAUFm9v6/9asUbzEocFwGIdksQCWc0RvXeMKBob95NdNXHdZQ5vlBrkhZJ/6I
+MdSpyET47jMFNlvs3M+/m/h+GgOyRQ3Zkk8yFJA4MYedpNYGfcDxMrmoNDUdjOPT
+sJA2wqZoSwpfx4fjGwVzubxAbt727T58IZCk9XjVunFnSM2FWsOAIqYiiNq4vs8E
+uxLoIGl05JjG6wu9jYVEJRA/i0gmPOtuLfk0++JFCgfxeH7/ctKTAbcw1DZqEkHl
+1Im4StBm9tDWpstQc4W7Ph1O+DFuASKBl0YMHdg/oWkADRCcXT7BH3vdacWnKcqO
+YycDMintROwSmUXZLEjIlX7FuVBvhq2566LHaIavkrP1NWEJDQmpY7QMvaWORtyj
+53nbQN7jxlH77b2Wnc5kAYd9OoOzGQ4PhNTZFz0Zhf4Nf2I13MJuHXSV8abxNKYf
+tLKPC/HpntqLkpjcYEEqb/UPFMH2Sj6i2Ci6rrSNfioZS6pwAzlapVCuLk4uSlLt
+HIH2Y3zbx2vTdqP62kp4elTX82p+IIRjuO9G6hS0V7F19kZ5qMr0flEVfiePUynu
+/+VNoc88oX10J0BTnT4QSjMB5wxNzHULAlyGJQdB2lfpicp6ECO2UpByLCr+nmPC
+VoFPwJH2sOKWjk5aHep2w7hz6OuHAgMBAAGjazBpMAkGA1UdEwQCMAAwCwYDVR0P
+BAQDAgWgMDAGA1UdEQQpMCeCCWxvY2FsaG9zdIILKi5sb2NhbGhvc3SCDWFwcC5s
+b2NhbGhvc3QwHQYDVR0OBBYEFBubEQ4ULtZ9V09dKctbFgGANJwKMA0GCSqGSIb3
+DQEBCwUAA4ICAQBKlrFB7Ci9/tmxIRQihXJE8JjlERB2xh4Vdr2I2KaHNSfdaYRu
+eU8i7+K3v4DD4GFhOM9PTps68IVXPwV8YGef8xg84ACOgz8S3lb/OIlCfzr/yt3A
+Tx35jMRdl3vZs2V8GqbEJncF3WKsYwMSxZU0HBikybhjrpDNvzErZqOUd/rsmcIP
+exZ/OeEn5oGkX3yBN9f2MW4iS1V1YtfODkmKTCrS5SmVZ2cuJqIt/1W7/HAYno6y
+5ZvgOb4J54pBmj4mcTItCp9Bi/D8R73jTbCK1Dq2BX2Wl34fbkKU6nrKlXTWfD1g
+LHODze/erlZByfkwM+slSdH1XBN6PXfe8fZOd6ZPkWK7ZHv249ZBYFzqWjvJ/eNX
+bmHD+VRAWHF05t3KneZX1aYvuz27zkCNzxbJIcOv1y/Ki4NcNzFFgy2RWuwDTz5S
+HnjCbgefemOQ/u8ojs3/5W08pDNdjKQFzmiJ5Zud/a61UaPW7NCaYviPzzIe3HOL
+RV7mBqwhIaTzDgAuIg08iQdc3PxtvvfswDcuON5agYgRotdxG468HHIkdf0rSVOh
+2eYNFYKjsgd96Vb+BTJEqwG3CdNv/24V511lzBS0YMjz0vVTjBJ245QRwVFbkj4e
+I6rGzt8LpB3FprhnRp+tsWWIjdBDkmYUGgdmQ2Ruh4+xgZpJavzY903rTA==
 -----END CERTIFICATE-----
diff --git a/testdata/server.pem b/testdata/server.pem
index deb6642..b3817ba 100644
--- a/testdata/server.pem
+++ b/testdata/server.pem
@@ -1,27 +1,52 @@
------BEGIN RSA PRIVATE KEY-----
-MIIEpQIBAAKCAQEA5MncJln7nlMj6Z+/vDfECOVLhyo7aBzyNA6RYwx5J3s/ukRT
-dI4DWZYDu8Od3oy2VX+xbLP39mBZeTRFSYYAz5gSl1mz6Lbvj2uHvR9EgX7bAiRs
-LLVFzTRwCgimyCVO8Cog5IhVfaTkM4ERvVTzvy+6/qQn2XOsDjzG3FDhchU+hNfl
-ri1j2hqyUH1p5pHG4wkeLLlhylDXGemk+mRsxUWZmZsPOYpSQoHM108rEAMASxQ8
-YHvhPynvYoptNdtmdM8XHKw0w181/cO5ORFzFYJCA1rrxfyhNe5PUfs9WCDbXfOx
-e6WQ6mFQiplNffGBv8RAcgz8RmBPK9n4p1pwMQIDAQABAoIBAQDPr36tQdnr60Ua
-eu2uimDmQl/Bn1C2PjCPmPnZlCUW9gbvq76me5QG6usQs47Hy6xpCLWjG+voN6aB
-JDYRfBeYW0/lHIT4p7fn1ZEu2QdzFhjxZObd3uAyW3upYBkmbtetpFCfpDMXD2wo
-ZO4ZlNh/oXB6X8Hc3+g8NGfA75r31yEc1mz77X2JYPaKkwlBpMk9E9ujOS71yDuw
-Z60FJ1JTQEkofexibIW5vcABB5yQgHDkxHCrkuQZcuhspl/Q17dza3e5A9PNHueF
-FFH8HTfZjXOZUsJ7pvucApsla20TlpE3KxVt5aalxsCyxyYU1/4cxj42EJNPXmiz
-+uO+43nBAoGBAP8wxkCfklu3T5ImFrXgYwmip7I/IMdIuQKygOaLLpG8qM3hfQpW
-QMJfPm0bcRcK68+sVErIHqS5054OQqx+QjaouyEVAaPX19KUG1Q4LSUfLMHF1SJt
-pEsGsPUzmiN27iQEUmg45HkXs/lxk5IHnZcVxwq6zUukw9eWTM5S3TilAoGBAOWD
-pV71Qh+Z7Urn7/Si9iZTPZl536Wc2AIm2SJ8jGtDMTduWU/heeTSOaQ1xHEsQv1O
-BJShhekkfL6y3hnhemjgkLzHiOmPT3Zl5/suBrHv6H1n0g4zlx0LL/bjmugj3P64
-83ShvHpQlGxZNUTro3oTDVMzB0MF4huxsgkV0nedAoGBAPvPiEGqdESWbSk89nn/
-8hpG641i55heNVnpBHL58jkS3ctSbw1tMTfbvgDx7DUdrLVfSkoEkOBhEeVMExSc
-/f9rnkO1s8mWKjx7sz/2su2HhqWq7narlEwITUOX6MiICdN2hE6dnS20av6AyWp2
-o1W7wo3e6Md0zV+Fy0Jo2CyVAoGBALyBUprab5PK9iWWt/PCwM8bgTWD7td0Kcoi
-pCZ6C06x4kN3w60jMN1qeONRMeYOB3tKz+JPg8/IIxjxig/RrJtlDhuu+tlx1j8V
-VeJsnB0bQWV2lwUJBG1bWeq6Z+mQQxuHRpYdnNMNScpvvpu7ugoyibgy6hz3QQ2j
-9ekWXkXVAoGASEczltQnyJpw9TjnXV3Mb947kkvk+CSlGT6eh9Ut2NlDxqxw+Qcs
-adenciGOWtOBWaP8JpAoczwpUPS7+ZYfcdPmkyAWhXMz5GGh539cfhij1vO8yio/
-21cnH4BGEnqN3nCuYVxYxIigDA6vPHlqtuu4E3crZHwsd0paZQiJ47c=
------END RSA PRIVATE KEY-----
+-----BEGIN PRIVATE KEY-----
+MIIJRAIBADANBgkqhkiG9w0BAQEFAASCCS4wggkqAgEAAoICAQDPBSlj25hzkL1m
+Mf52xgFBZvb+v/WrFG8xKHBcBiHZLEAlnNEb13jCgaG/eTXTVx3WUOb5Qa5IWSf+
+iDHUqchE+O4zBTZb7NzPv5v4fhoDskUN2ZJPMhSQODGHnaTWBn3A8TK5qDQ1HYzj
+07CQNsKmaEsKX8eH4xsFc7m8QG7e9u0+fCGQpPV41bpxZ0jNhVrDgCKmIojauL7P
+BLsS6CBpdOSYxusLvY2FRCUQP4tIJjzrbi35NPviRQoH8Xh+/3LSkwG3MNQ2ahJB
+5dSJuErQZvbQ1qbLUHOFuz4dTvgxbgEigZdGDB3YP6FpAA0QnF0+wR973WnFpynK
+jmMnAzIp7UTsEplF2SxIyJV+xblQb4atueuix2iGr5Kz9TVhCQ0JqWO0DL2ljkbc
+o+d520De48ZR++29lp3OZAGHfTqDsxkOD4TU2Rc9GYX+DX9iNdzCbh10lfGm8TSm
+H7Syjwvx6Z7ai5KY3GBBKm/1DxTB9ko+otgouq60jX4qGUuqcAM5WqVQri5OLkpS
+7RyB9mN828dr03aj+tpKeHpU1/NqfiCEY7jvRuoUtFexdfZGeajK9H5RFX4nj1Mp
+7v/lTaHPPKF9dCdAU50+EEozAecMTcx1CwJchiUHQdpX6YnKehAjtlKQciwq/p5j
+wlaBT8CR9rDilo5OWh3qdsO4c+jrhwIDAQABAoICABn7OtuWdsaiNrL5uUbsyMGN
+i5gjPVDQSrgvrBJQjrTz0cUmrjPBUh2PKV6fdrrkZxE7rBFCRf48ekF+lEptWH4X
+g8WRdOYKjxffo1KHePpXyETZtnwL+/qxor2zcjmOLQAnBUe5rXuxDrqVGcavqLQ7
+yJcvuBn8zapcgMX4jDGdad76sze1DD2zDSgoX0Gz59U7Yp3ZHbXdk8zlehkAWvkB
+O6NU67DYhEdiawhkATX33pNpi4mINciLA5xFmOrPYni9DG0SSr/dhhcRIiB6qaEI
+GxfQqLRBj44MFtqUy59gf/H1s6eN47z9F2PXJsyb4zP6BtqDyj+NIDiUsCr4QrY4
+kO8utzZjJWDQYqppwytJbiYATdMdgqSuQT2T/r6GcX69SUACAGGi/br/GJvD+ksR
+sxTSo1jROV4/QORnwyF7LKotKX0dZJT22HiT9qrpjTOW0uCOe8dR6Ocy496sTaFD
+tGAdjocZCALSjDL7+HLMldfwJZTp2f5qbyETJMv78lQZ3yMGOcXKwn99jMBV0fDm
+eOEaNCo8Yl2vxOxt13zg7RMwO3oiJHcBYn1klsAaDQCMeJjnA+4DcSQRZDRXYLid
+19GYZJSk/OzriCJ0blXkM8DMbqT8MiMBPW906QF2ugsHYU0uF2XN7+nypTFoIivP
+4bYUrqAjAU92uzByUsexAoIBAQDnW06ZmWayx0cncEVVL8fon2C+xfC83UzLN5qI
+ChXXVU1Dfv07D74W8INQbTAiPw46lOCl/l0MJE4qLrfRujxjIWuPN867p/kCUE/B
+epWcYJ4MA/YHpELsPc4Z6NkZa4Lt8hNY5hbBgv/W0uW9TGbuzaPBUH7/LUeLe06W
+GFkz/XFfYUC/I6HExfJwYFBSv4V9sJ/nIl2bVddW2M6uM67u69/Aphr1bIKJbCc+
+tcD0byh13WfxATiYdnbd4wY3Ly657n6iAdPyAXhMTChgcoXpbYjaJ7ndwoxvHi0w
+pYBokGJjexpekY/hDBjyRA6qIP6JGLg+YI0nYbesef83mf/pAoIBAQDlEj2Wrhqm
+Kx2mJDwSZfTSbe6ww8uldWbeyXjwyPxpdhailjVtGoJcnvaKvHaWDWRY8v2PkpSY
+OdYcSClhwAubGP1MDZVSssOgRNtCLPwmsZwea47ik8z7NxzgcdHMJMnzMGjkeAMB
+dpRhfpKBJA5OVmYYC0mDRCoLpJCuMAOeHh6AcNKbYpGg4PcBIbnamRTUZo0UeL1A
+h5dTOX/aIn/xX8c87taCRnnNQCy3C5aVOE8Q4OwkfkVazGfKe4ecAGZaKVFLZvh8
+k2ch7LyVap4HsVcxBumocXHJCqQ41KczmIm4y62/DS3LoQyD1+6TNfDM4bbMMHfZ
+VNGmIcj/81nvAoIBAQC3aPBH3o/G/SpQfrXIUcfGh8sXki5GW55MoHkWjgBApHRL
+JPo1/0XwQ52mfdkh3SE3mdz6W0uCm6mH0V+SmXTUFaOCd3ih1gkXJ3oC5V6ECShi
+WCWMa1FOnbStX6X0fAHhBv8Fg+rYYDTYJntQ9afIeyft0hXL0Cae0hM79HOLPsnJ
+Fn1QyjutlkubgQ9Mel6mhQZPIzRYN9YuGFTJT1nIOSA6RrSqiep2bVIzab1dSl4m
+Cm8jZZdrbsbPIvJDf1kot4SWhKJ0gWvP+LQtubylkFtkrwevYVMZqC+lGB9TRdtq
+CCagf/8zJvcD4KZLgzqmjv1JHhvo85O73T9R4fk5AoIBAQDLdEf/bON+cw0CY2x3
+atbnj3xQw5Y8fum/NnKUae7GPHweLAuHu+PNH+MZlgo9e+eEmU1cF3SjP7tLo0wd
+5dRpDOjsg6P8r4nQ71dOj2XleBqRajaeR2foOCsNrgoIpyQ3OufvBCinRArGDQVS
+bhPGwDYtZNkGHaS6co+OJlcQOPAeZBaqrAFsQmMgPjQ0U4KMpAjqBdMRXVyqLoe/
+1qSMXeU32Wnsi2vjQPx2F3THVBvlgeA7CWvQGXyV+uGXTUObENeDgRFyk/klyH42
+t1tkub4XbWxaj2fgh/MUBsv6p6Cq4TyQU8Q49/GFqGPdnCsjzdXtxZ6tCQir5ZYA
+vsNBAoIBAQCxB8GQQ2pBwB5A4lAtQ2MptYzdBmzcjDwzF1s8jkMFZWlYoLPY9ET9
+7ft0aBMxd6Fxkl0C09CcIbVcrL89WR93hiVHaof7lVUyD4vFSMkRIWMB12TyWgeM
+6o+arV4C6dUU8Ey3D+38mmmYgIhuJqMozJeLllBgqpeqm0czNFXX9p29+p83GkC2
+N46vqmY/7Naln9eGONV+RTdpISon1V7wHwYgh5/Lp8nNnigDAgUpBPhfVn+SPEzl
+kOoclspP6lqgFEfxPgsK19kS6E15WEPdmGumspUY9GpbSwpVlwx5nXd9+LcUWZif
+dJDGUZJ48tEHpUS59CWUOmo7BrDhN0TR
+-----END PRIVATE KEY-----