test: verify TLS cert SANs (wildcard, services, loopback, localhost, bare TLD)

Parse the generated DER cert with x509-parser to assert the exact SAN set, catching silent try_into() failures that a params-level test would miss.
2026-04-12 23:42:45 +03:00
parent 115a55b199
commit bd505813b6
2 changed files with 69 additions and 0 deletions
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -39,6 +39,7 @@ tower = { version = "0.5", features = ["util"] }
 http = "1"
 hickory-resolver = { version = "0.25", features = ["https-ring", "webpki-roots"] }
 hickory-proto = "0.25"
+x509-parser = "0.18"

 [[bench]]
 name = "hot_path"