apiVersion: cert-manager.io/v1alpha3
kind: Certificate
metadata:
  name: ${FQDN}-saml
spec:
  dnsNames:
  - ${FQDN_DOTS} 
  issuerRef:
    group: cert-manager.io
    kind: ClusterIssuer 
    name: selfsigned-issuer 
  secretName: ${FQDN}-saml
  commonName: ${FQDN_DOTS}
  duration: "26280h"
  subject:
    organizations:
    - indiehost