nhyatt/mutating-webhook
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

adds more dns names to try to resolve certificate issues

Browse Source
This commit is contained in:
Hyatt 2023-03-26 09:48:27 -05:00
parent c24489854d
commit 8375c8bb20
Signed by: nhyatt
GPG Key ID: C50D0BBB5BC40BEA
2 changed files with 13 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
cmd/webhook/httpServer.go
View File

@ -49,6 +49,14 @@ func httpServer(cfg *config.Config) {
IdleTimeout: time.Duration(cfg.WebServerIdleTimeout) * time.Second, IdleTimeout: time.Duration(cfg.WebServerIdleTimeout) * time.Second,
TLSConfig: &tls.Config{ TLSConfig: &tls.Config{
MinVersion: tls.VersionTLS12, MinVersion: tls.VersionTLS12,
CipherSuites: []uint16{
tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
tls.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
tls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,
},
Certificates: []tls.Certificate{ Certificates: []tls.Certificate{
serverCertificate, serverCertificate,
}, },

6
internal/certificate/create-csr.go
View File

@ -22,7 +22,11 @@ func CreateCSR(privateKey string) (string, error) {
//PostalCode: []string{""}, //PostalCode: []string{""},
}, },
DNSNames: []string{ DNSNames: []string{
"svc.cluster.local", "webhook",
"webhook.ingress-nginx",
"webhook.ingress-nginx.svc",
"webhook.ingress-nginx.svc.cluster",
"webhook.ingress-nginx.svc.cluster.local",
"*.svc.cluster.local", "*.svc.cluster.local",
}, },
SignatureAlgorithm: x509.SHA384WithRSA, SignatureAlgorithm: x509.SHA384WithRSA,