From 7e8277284aa733636ba7b5af4d03168b6e8bdb46 Mon Sep 17 00:00:00 2001
From: Jordan Liggitt <liggitt@google.com>
Date: Mon, 13 Jun 2022 19:28:47 -0400
Subject: [PATCH] Fix example webhook cert generation

---
 staging/src/k8s.io/pod-security-admission/webhook/Makefile | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/staging/src/k8s.io/pod-security-admission/webhook/Makefile b/staging/src/k8s.io/pod-security-admission/webhook/Makefile
index 5cb9e969128..8964949cdc1 100644
--- a/staging/src/k8s.io/pod-security-admission/webhook/Makefile
+++ b/staging/src/k8s.io/pod-security-admission/webhook/Makefile
@@ -48,13 +48,13 @@ certs:
 	rm -fr pki
 	mkdir -p pki
 	openssl genrsa -out pki/ca.key 2048
-	openssl req -new -x509 -days 3650 -key pki/ca.key -subj "/CN=pod-security-webhook-ca-$(date +%s)" -out pki/ca.crt
+	openssl req -sha256 -new -x509 -days 3650 -key pki/ca.key -subj "/CN=pod-security-webhook-ca-$(shell date +%s)" -out pki/ca.crt
 
-	openssl req -newkey rsa:2048 -nodes -keyout pki/tls.key -subj "/CN=webhook.pod-security-webhook.svc" -out pki/tls.csr
+	openssl req -sha256 -newkey rsa:2048 -nodes -keyout pki/tls.key -subj "/CN=webhook.pod-security-webhook.svc" -out pki/tls.csr
 
 	echo "subjectAltName=DNS:webhook.pod-security-webhook.svc" > pki/extensions.txt
 	echo "extendedKeyUsage=serverAuth" >> pki/extensions.txt
-	openssl x509 -req -extfile pki/extensions.txt -days 730 -in pki/tls.csr -CA pki/ca.crt -CAkey pki/ca.key -CAcreateserial -out pki/tls.crt
+	openssl x509 -sha256 -req -extfile pki/extensions.txt -days 730 -in pki/tls.csr -CA pki/ca.crt -CAkey pki/ca.key -CAcreateserial -out pki/tls.crt
 
 # Publishes the PodSecurity webhook Docker image to the configured registry.
 push: