diff --git a/cmd/webhook/httpServer.go b/cmd/webhook/httpServer.go
index af2b282..b07a6c8 100644
--- a/cmd/webhook/httpServer.go
+++ b/cmd/webhook/httpServer.go
@@ -49,6 +49,14 @@ func httpServer(cfg *config.Config) {
 IdleTimeout: time.Duration(cfg.WebServerIdleTimeout) * time.Second,
 TLSConfig: &tls.Config{
 MinVersion: tls.VersionTLS12,
+ CipherSuites: []uint16{
+ tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
+ tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
+ tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
+ tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
+ tls.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
+ tls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,
+ },
 Certificates: []tls.Certificate{
 serverCertificate,
 },
diff --git a/internal/certificate/create-csr.go b/internal/certificate/create-csr.go
index 63a74ea..716d22a 100644
--- a/internal/certificate/create-csr.go
+++ b/internal/certificate/create-csr.go
@@ -22,7 +22,11 @@ func CreateCSR(privateKey string) (string, error) {
 //PostalCode: []string{""},
 },
 DNSNames: []string{
- "svc.cluster.local",
+ "webhook",
+ "webhook.ingress-nginx",
+ "webhook.ingress-nginx.svc",
+ "webhook.ingress-nginx.svc.cluster",
+ "webhook.ingress-nginx.svc.cluster.local",
 "*.svc.cluster.local",
 },
 SignatureAlgorithm: x509.SHA384WithRSA,
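Review bot: The new `CipherSuites` list in `cmd/webhook/httpServer.go` has no comment saying what it covers, and a reader can easily assume it restricts every connection. In crypto/tls this field applies to TLS 1.0–1.2 only and TLS 1.3 suites are not configurable, so with `MinVersion: tls.VersionTLS12` the list governs TLS 1.2 handshakes alone. I would add above the field `// TLS 1.2 only: ECDHE key exchange with AEAD ciphers; TLS 1.3 suites are fixed by crypto/tls.` The ECDSA entries can only be negotiated if `serverCertificate` carries an ECDSA key, which looks unlikely given the `SHA384WithRSA` CSR in the other file of this commit, so that is worth confirming. `httpServer` begins and ends outside the hunk.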
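Review bot: The `"*.svc.cluster.local",` entry kept as context in `DNSNames` (`internal/certificate/create-csr.go`) should be removed now that the explicit service names are listed. A wildcard matches a single label only, so it never covers `webhook.ingress-nginx.svc.cluster.local`; what it does is make the issued certificate valid for any one-label name under `svc.cluster.local`, which is broader than this webhook needs. Separately, the service name and namespace are hard-coded, so a deployment under a different name or namespace would get a certificate that fails hostname verification; building the list from configuration would avoid that, if those values are available to `CreateCSR`'s callers. `CreateCSR` continues outside the hunk.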