mirror of https://github.com/ruby/ruby.git synced 2022-11-09 12:17:21 -05:00

webrick/ssl: More keyUsage for self-signed certs

Chrome 75+ started to strictly enforce X.509 keyUsage against TLS server
certificates. Webrick supports generating instant self-signed
certificates for debugging purposes and these certificates lack the required
keyUsage for modern TLS. So adding the following keyUsages:

- digitalSignature (for server authentication)
- keyAgreement (for DH key exchange)
- dataEncipherment (for data encryption)

References:

- https://tools.ietf.org/html/rfc5280#section-4.2.1.3
- https://crbug.com/795089
- https://boringssl-review.googlesource.com/c/34604
Sorah Fukumori 2020-04-03 00:49:12 +09:00
parent 9ddf147237
commit 0f57d66f9e
GPG key ID: 34F7A7C2F4C0895C


@ -122,7 +122,7 @@ module WEBrick
ef.issuer_certificate = cert
cert.extensions = [
ef.create_extension("basicConstraints","CA:FALSE"),
ef.create_extension("keyUsage", "keyEncipherment"),
ef.create_extension("keyUsage", "keyEncipherment, digitalSignature, keyAgreement, dataEncipherment"),
ef.create_extension("subjectKeyIdentifier", "hash"),
ef.create_extension("extendedKeyUsage", "serverAuth"),
ef.create_extension("nsComment", comment),
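
Review bot: The new keyUsage value asserts keyAgreement and dataEncipherment, which is broader than a TLS server certificate needs and does not match the glosses in the commit message. Per RFC 5280 section 4.2.1.3 (linked above), dataEncipherment means the public key directly enciphers raw user data without an intermediate symmetric cipher, which TLS never does, and keyAgreement applies when the certified key itself is used for key agreement (a static DH-type key); with ephemeral DH the certificate key only signs the handshake, which digitalSignature already covers. Unless the key type generated outside this hunk requires more, consider narrowing the line to "keyEncipherment, digitalSignature", so the debugging certificate carries only the usages the handshake exercises. Two smaller points: the extension is created without the critical flag, which RFC 5280 says conforming CAs SHOULD set when keyUsage is present, and nothing in the hunk adds a test asserting the resulting extension value, so a later regression here would go unnoticed.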