From 120240fec205a4d6e1560dec0fb92a0ed41d9c95 Mon Sep 17 00:00:00 2001
From: SpectralHiss <houssem.elfekih@jetstack.io>
Date: Thu, 21 Dec 2023 12:06:33 +0000
Subject: [PATCH] Add critical extension to only SAN

Signed-off-by: SpectralHiss <houssem.elfekih@jetstack.io>
---
 test/e2e/suite/certificates/othernamesan.go      | 5 +++--
 test/e2e/suite/conformance/certificates/tests.go | 5 +++--
 2 files changed, 6 insertions(+), 4 deletions(-)

diff --git a/test/e2e/suite/certificates/othernamesan.go b/test/e2e/suite/certificates/othernamesan.go
index fbda10545..84d38e2d8 100644
--- a/test/e2e/suite/certificates/othernamesan.go
+++ b/test/e2e/suite/certificates/othernamesan.go
@@ -145,8 +145,9 @@ var _ = framework.CertManagerDescribe("othername san processing", func() {
 			val, err := asn1.Marshal(generalNames)
 			Expect(err).To(BeNil())
 			return pkix.Extension{
-				Id:    oidExtensionSubjectAltName,
-				Value: val,
+				Id:       oidExtensionSubjectAltName,
+				Value:    val,
+				Critical: true,
 			}
 		}
 		expectedSanExtension := mustMarshalSAN([]asn1.RawValue{
diff --git a/test/e2e/suite/conformance/certificates/tests.go b/test/e2e/suite/conformance/certificates/tests.go
index 16425d94c..fc0eb1102 100644
--- a/test/e2e/suite/conformance/certificates/tests.go
+++ b/test/e2e/suite/conformance/certificates/tests.go
@@ -304,8 +304,9 @@ func (s *Suite) Define() {
 					val, err := asn1.Marshal(generalNames)
 					Expect(err).To(BeNil())
 					return pkix.Extension{
-						Id:    oidExtensionSubjectAltName,
-						Value: val,
+						Id:       oidExtensionSubjectAltName,
+						Value:    val,
+						Critical: true, // Since there is no subject the SAN extension is critical
 					}
 				}
 				nameTypeEmail := 1