I think the QR code can be represented as a bitmapped image made of characters, as apparently the smallest one is 29 pixels by 29 pixels.
There might not be characters which have a sufficiently large and sufficiently small number of illuminated pixels to allow a QR code reader to recognize the code directly from the displayed text on screen, so people might have to transform the characters to increase the contrast before recognizing the QR code.
I don’t think any default QR-code scanner will scan either of our ideas.
It may need a custom scanner app.
 It is difficult for the QR code to be placed directly into the SAN without specialized app to read it.
If only a puzzle piece, that leads to another piece/prize/location, is held in the SAN then that makes things easier for cert coding.
Copy this with a pencil to paper with squares ( I don’t know the English word)
Every QR-code scanner will scan it
Belive me geocachers in my area are very special ones
This is “only” difficult level 4/5
Grid Okay. Next time I should know this
Okay, this looks great.
Maybe I should change the “-” to zero and the “x” to one.
Or if this become very sick change the “-” to 2^x and the “x” to a prime number
I think we should stop now. I think if we have one or two more days they don’t hate me they will kill me
Some of the local cachers know my realname
The problem for me in solving your puzzle was that the solution method was considerably easier than I thought (a very common occurrence when solving puzzles that may involve codes and ciphers or hidden information ). The coordinates are N51 10.444 E7 10.444 (the same ones cited by @eisi123 above, somewhere near Remscheid, North Rhine-Westphalia, Germany).
Maybe you’ll go down in history as the first person to make a working puzzle based on a valid PKI certificate.
You’re correct. I think @jsha posted about this a few months ago, but I was unable to find his post just now. However, the Boulder CA code exactly supports your recollection of this restriction (which is related to standards for internationalized domain names):
According to this code, your suggestion of three alphanumeric characters before the hyphens (instead of two) should also work.