Support x509 certificates with subjectAltName for HTTPS checks

⚠️ Please verify that this bug has NOT been raised before.

• I checked and didn’t find similar issue

🛡️ Security Policy

• I agree to have read this project Security Policy

Description

Uptime-Kuma tells me that a check failed, because it was unable to verify the first certificate. I was a bit puzzled, since I was able to open the page in my browser and see that it works, and the certificate is fine.

Upon closer inspection, I noticed a potential explanation:

• the server uses a certificate from Letsencrypt, which has multiple domain names in it
• the common name of the subject is not the same as the domain I go to
• the domain is featured in the list of the subjectAltName attribute of the certificate

When viewing such a certificate with Chrome, it doesn’t even show the entries of subjectAltName. So, it looks like the certificate is indeed not valid for this domain, despite the fact that the padlock icon in the address bar is fine. Firefox, on the other hand, shows the other domains this certificate is valid for:

👟 Reproduction steps

Use a Letsencrypt certificate issued for multiple domain names.

👀 Expected behavior

Uptime-Kuma should successfully verify the certificate’s validity for the given domain.

😓 Actual Behavior

Uptime-Kuma fails to verify the certificate.

🐻 Uptime-Kuma Version

1.16.0

💻 Operating System and Arch

Ubuntu 20.04 x86

🌐 Browser

Chrome, Firefox

🐋 Docker Version

No response

🟩 NodeJS Version

No response

📝 Relevant log output

2022-05-27T14:31:28.174Z [MONITOR] WARN: Monitor #1 'test': Failing: unable to verify the first certificate | Interval: 300 seconds | Type: keyword