cannot validate certificate for 10.90.239.223 because it doesn't contain any IP SANs

While configuring the chef provisioner I am running into the following error after running 'terraform apply'

* chef_environment.terraform_01: Post https://10.90.239.223/organizations/mykitchen/environments: x509: cannot validate certificate for 10.90.239.223 because it doesn't contain any IP SANs

I have read that the certs may need a different 'CN' field, but I don't remember manually setting up certs as part of the chef server install process.

I have these certs that I found after the install

$ls /var/opt/opscode/nginx/ca
dhparams.pem  localhost.crt  localhost.key

which I think are the ones being used but I'm not sure.

I also have set

ssl_verify_mode = ":verify_none" 

in my chef provisioner configs, but I don't know if that's relevant or working.

Do I need to (re)generate certs, if so how would I do that for chef? I already have certs generated for my matchbox service on the same machine using this script, would I use those?

UPDATE:

I tried this

openssl req -x509 -newkey rsa:4096 -keyout chef.key -out chef.pem -nodes -days 365 -config req.conf

sudo chown opscode:opscode chef.*
sudo mv chef.* /var/opt/opscode/nginx/ca/.

sudo chef-server-ctl stop
sudo chef-server-ctl reconfigure
sudo chef-server-ctl start

my req.conf

[req]
default_bits = 2048
prompt = no
default_md = sha256
req_extensions = req_ext
distinguished_name = dn

[ dn ]
C=US
ST=mystate
L=mycity
O=DevOps
OU=myname
[email protected]
CN = 10.90.239.223

[ req_ext ]
subjectAltName = @alt_names

[alt_names]
IP = 10.90.239.223
DNS.1 = 10.0.90.45
DNS.2 = 10.90.50.8
email = [email protected]
URI = https://10.90.239.223/

but I am still getting

chef_environment.terraform_01: Post https://10.90.239.223/organizations/mykitchen/environments: x509: cannot validate certificate for 10.90.239.223 because it doesn't contain any                                       IP SANs