fixup! chart: fix hubble tls generation with certmanager

Signed-off-by: Valentin Flaux <valentin_flaux@connect-tech.sncf>

install/kubernetes/cilium/templates/hubble/tls-certmanager/hubble-issuer.yaml

@@ -14,9 +14,12 @@ metadata:
   name: hubble-ca
   namespace: {{ .Release.Namespace }}
 spec:
-  commonName: Cilium CA
+  commonName: Hubble CA
   duration: {{ printf "%dh0m0s" (mul .Values.hubble.tls.auto.issuerCertValidityDuration 24) }}
   isCA: true
+  privateKey:
+    algorithm: ECDSA
+    size: 256
   issuerRef:
     group: cert-manager.io
     kind: Issuer

install/kubernetes/cilium/values.yaml.tmpl

@@ -993,6 +993,9 @@ hubble:
       # -- certmanager issuer used when hubble.tls.auto.method=certmanager.
       # If not specified, a CA issuer will be created.
       certManagerIssuerRef: {}
+      # -- Generated CA certificate validity duration in days for the Issuer.
+      # Only used if certManagerIssuerRef is not specified.
+      issuerCertValidityDuration: 26280
 
     # -- Deprecated in favor of tls.ca. To be removed in 1.13.
     # base64 encoded PEM values for the Hubble CA certificate and private key.