Add a -days flag to specify the validity period.

[kixelated]

trafficstars

The hard-coded default of 2 years, 3 months works for most applications. However, some applications enforce that the certificate is only valid for a short period and this default is too long.

For example, WebRTC fingerprinting enforces a max duration of 30 days. WebTransport is even more extreme and rejects certs valid for more than 14 days. These certificates are meant to be ephemeral.

Fixes #339 #343

[harryqt]

Any reason why it hasn't merged yet?

[endel]

WebTransport also requires that "total length of the validity period MUST NOT exceed two weeks" (see WebTransport spec)