From 395d89a59cbbba531bf1f613a8b49c2e8da29809 Mon Sep 17 00:00:00 2001
From: David Wake <dwake@box.com>
Date: Fri, 15 Oct 2021 20:18:46 -0700
Subject: [PATCH] Fix gen_certs.sh to preserve V3 extensions

---
 gen_certs.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/gen_certs.sh b/gen_certs.sh
index 8f79691f..11881f23 100755
--- a/gen_certs.sh
+++ b/gen_certs.sh
@@ -17,7 +17,7 @@ openssl genrsa -out certs/grumpy-key.pem 2048
 openssl req -new -key certs/grumpy-key.pem -subj "/CN=grumpy.default.svc" -out grumpy.csr -config certs/grumpy_config.txt
 
 # CREATE THE CERT SIGNING THE CSR WITH THE CA CREATED BEFORE
-openssl x509 -req -in grumpy.csr -CA certs/ca.crt -CAkey certs/ca.key -CAcreateserial -out certs/grumpy-crt.pem
+openssl x509 -req -in grumpy.csr -CA certs/ca.crt -CAkey certs/ca.key -CAcreateserial -out certs/grumpy-crt.pem -extensions v3_req -extfile certs/grumpy_config.txt
 
 # INJECT CA IN THE WEBHOOK CONFIGURATION
 export CA_BUNDLE=$(cat certs/ca.crt | base64 | tr -d '\n')