MQTT TLS connection

Question

I would like to connect a test MQTT-Client to my Node.js application as a MQTT-Broker. I am using the aedes library from moscajs

My MQTT-Client is the tool "MQTT-Explorer" and here is my Node.js application:

const fs = require('fs');
const aedes = require('aedes')();

const options = {
  key: fs.readFileSync('certs/server_key.pem'),
  cert: fs.readFileSync('certs/server_cert.pem'),
};

// const server = require('net').createServer(aedes.handle);
const server = require('tls').createServer(options, aedes.handle);

const PORT = 8881;

server.listen(PORT, () => {
  console.log(`server is up and running: PORT [${PORT}] - ID [${aedes.id}]`);
});

I can connect without any problems to PORT=1881 with const server = require('net').createServer(aedes.handle) and I also can connect to PORT=8881 with const server = require('tls').createServer(options, aedes.handle)

With the Tool xca-2.4.0.msi XCA 2.4.0 I have created a ca.pem CERTIFICATE File and a CERTIFICATE server_cert.pem and a server_key.pem PRIVATE KEY (signed from ca.pem) as a Server. The key for CA and the Server are different:

For my MQTT-Client, under ADVANCED, CERTIFICATES, SERVER CERTIFICAT (CA) I selected the ca.pem File. If I select "Encryption", it works. But if select "validate certificate", error: Hostname/IP does not match certificate's altnames: IP: 127.0.0.1 is not in the certs list

Unfortunately I don't know what I'm doing wrong, thanks in advance :(