From c37af1c518b4130a5249e2dd809a9b798fdba0f6 Mon Sep 17 00:00:00 2001
From: David Caseria <david@team.sovereign.app>
Date: Mon, 29 Jul 2024 09:11:06 -0400
Subject: [PATCH] Add domain to certificate DNS name

---
 exit/https.go | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/exit/https.go b/exit/https.go
index 549c688..a55f2c1 100644
--- a/exit/https.go
+++ b/exit/https.go
@@ -130,6 +130,7 @@ func (e *Exit) createAndStoreCertificateData(ctx context.Context) (*tls.Certific
 	notAfter := notBefore.Add(10 * 365 * 24 * time.Hour)
 	serialNumberLimit := new(big.Int).Lsh(big.NewInt(1), 128)
 	serialNumber, _ := rand.Int(rand.Reader, serialNumberLimit)
+	domain, _ := e.getDomain()
 
 	template := x509.Certificate{
 		SerialNumber: serialNumber,
@@ -141,6 +142,7 @@ func (e *Exit) createAndStoreCertificateData(ctx context.Context) (*tls.Certific
 		KeyUsage:              x509.KeyUsageKeyEncipherment | x509.KeyUsageDigitalSignature,
 		ExtKeyUsage:           []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
 		BasicConstraintsValid: true,
+		DNSNames:              []string{domain},
 	}
 
 	certBytes, _ := x509.CreateCertificate(rand.Reader, &template, &template, &priv.PublicKey, priv)