From 4d7044c014df763da67aa555e4211e39cab17f0c Mon Sep 17 00:00:00 2001
From: Chris Mason <57402469+cmason3@users.noreply.github.com>
Date: Fri, 6 Dec 2024 11:53:03 +0000
Subject: [PATCH] Update README.md

---
 kubernetes/README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/kubernetes/README.md b/kubernetes/README.md
index 944751a..fd8fa28 100644
--- a/kubernetes/README.md
+++ b/kubernetes/README.md
@@ -17,7 +17,7 @@ Once you have updated `kubernetes.yml` with your deployment specific values you
 The following step is used to generate a CSR for your TLS certificiate. The Common Name (CN) isn't actually used as we will be using the "subjectAltName" field as it allows multiple values (you could also use something like Let's Encrypt here, but this is out of scope of this document):
 
 ```
-openssl req -nodes -newkey rsa:2048 -keyout ingress.key -out ingress.csr -subj "/CN={CN}/emailAddress={emailAddress}/O={O}/L={L}/ST={ST}/C={C}" -reqexts SAN -config <(cat /etc/ssl/openssl.cnf <(printf "[SAN]\nsubjectAltName=DNS:*.{CLUSTER}.{DOMAIN}"))
+openssl req -nodes -newkey rsa:2048 -keyout ingress.key -out ingress.csr -subj "/CN={CN}/emailAddress={emailAddress}/O={O}/L={L}/ST={ST}/C={C}" -addext "subjectAltName=DNS:*.{CLUSTER}.{DOMAIN}"
 ```
 
 ### Generate TLS Secret with Signed Certificate