From 56da7beb36585db40c744824614dde3840dfea33 Mon Sep 17 00:00:00 2001
From: Ashley Davis <ashley.davis@venafi.com>
Date: Thu, 19 Oct 2023 14:58:05 +0100
Subject: [PATCH] add a CN for the trust-manager certificate

since this cert is self-signed, its subject will match its issuer

it's valid to have an empty subject, but not an empty issuer

Signed-off-by: Ashley Davis <ashley.davis@venafi.com>
---
 deploy/charts/trust-manager/templates/certificate.yaml | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/deploy/charts/trust-manager/templates/certificate.yaml b/deploy/charts/trust-manager/templates/certificate.yaml
index 453660e4..12cf1da5 100644
--- a/deploy/charts/trust-manager/templates/certificate.yaml
+++ b/deploy/charts/trust-manager/templates/certificate.yaml
@@ -18,6 +18,7 @@ metadata:
   labels:
 {{ include "trust-manager.labels" . | indent 4 }}
 spec:
+  commonName: "{{ include "trust-manager.name" . }}.{{ include "trust-manager.namespace" . }}.svc"
   dnsNames:
   - "{{ include "trust-manager.name" . }}.{{ include "trust-manager.namespace" . }}.svc"
   secretName: {{ include "trust-manager.name" . }}-tls
@@ -37,6 +38,9 @@ metadata:
   name: trust-manager-policy
 spec:
   allowed:
+    commonName:
+      value: "{{ include "trust-manager.name" . }}.{{ include "trust-manager.namespace" . }}.svc"
+      required: true
     dnsNames:
       values: ["{{ include "trust-manager.name" . }}.{{ include "trust-manager.namespace" . }}.svc"]
       required: true