Self-signed certificates on MutatingWebhooks require double-encryption

I’m using Cybozu’s TopoLVM to provide local LVM-based storage to a bare-metal Kubernetes cluster, in an intelligent fashion.


This is a companion discussion topic for the original entry at https://friends.funkypenguin.co.nz/note/self-signed-certificate-on-mutating-webhook-requires-double-encryption/