From 8375c8bb20fd5c45fdbfc845cbcd42f6130e2d1d Mon Sep 17 00:00:00 2001
From: nhyatt <nhyatt@smoothnet.org>
Date: Sun, 26 Mar 2023 09:48:27 -0500
Subject: [PATCH] adds more dns names to try to resolve certificate issues

---
 cmd/webhook/httpServer.go          | 8 ++++++++
 internal/certificate/create-csr.go | 6 +++++-
 2 files changed, 13 insertions(+), 1 deletion(-)

diff --git a/cmd/webhook/httpServer.go b/cmd/webhook/httpServer.go
index af2b282..b07a6c8 100644
--- a/cmd/webhook/httpServer.go
+++ b/cmd/webhook/httpServer.go
@@ -49,6 +49,14 @@ func httpServer(cfg *config.Config) {
 		IdleTimeout:  time.Duration(cfg.WebServerIdleTimeout) * time.Second,
 		TLSConfig: &tls.Config{
 			MinVersion: tls.VersionTLS12,
+			CipherSuites: []uint16{
+				tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
+				tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
+				tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
+				tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
+				tls.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
+				tls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,
+			},
 			Certificates: []tls.Certificate{
 				serverCertificate,
 			},
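Review bot: The new `CipherSuites` list in the `tls.Config` carries no comment saying which handshakes it governs. In Go's crypto/tls this field applies only up to TLS 1.2, and TLS 1.3 suites are not configurable, so with `MinVersion: tls.VersionTLS12` it constrains TLS 1.2 clients only. I would add `// TLS 1.2 only: ECDHE key exchange with AEAD ciphers; TLS 1.3 suites are fixed by crypto/tls.` above the list so nobody later assumes it pins TLS 1.3 as well. The cipher restriction is also unrelated to the commit subject, which mentions only DNS names, so it deserves its own line in the message. httpServer's body continues outside the hunk.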
diff --git a/internal/certificate/create-csr.go b/internal/certificate/create-csr.go
index 63a74ea..716d22a 100644
--- a/internal/certificate/create-csr.go
+++ b/internal/certificate/create-csr.go
@@ -22,7 +22,11 @@ func CreateCSR(privateKey string) (string, error) {
 			//PostalCode:    []string{""},
 		},
 		DNSNames: []string{
-			"svc.cluster.local",
+			"webhook",
+			"webhook.ingress-nginx",
+			"webhook.ingress-nginx.svc",
+			"webhook.ingress-nginx.svc.cluster",
+			"webhook.ingress-nginx.svc.cluster.local",
 			"*.svc.cluster.local",
 		},
 		SignatureAlgorithm: x509.SHA384WithRSA,
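Review bot: The retained `"*.svc.cluster.local"` entry in `DNSNames` is broader than the webhook needs and does not help the names added here. An X.509 wildcard covers a single left-most label, so it cannot match `webhook.ingress-nginx.svc.cluster.local`, yet it lets this certificate vouch for any one-label name under `svc.cluster.local`. I would drop it and keep only the explicit service names. `"webhook.ingress-nginx.svc.cluster"` does not look like a form the default cluster DNS search path produces, so it is probably dead weight. The service name and namespace are hard-coded, so the SANs stop matching if the webhook is deployed under another name or namespace; a comment such as `// SANs must match the Service name/namespace the API server dials` would make that dependency explicit. CreateCSR's body starts and ends outside the hunk.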