I have encountered a similar issue. Admission controllers (mutating/validating) and kube-apiserver only communicate over HTTPS. The admission controller needs TLS certs.
I have a few solutions to this problem that don't come natively with EKS, but you can use open source solutions:
Use cert-manager (X.509 certificate management for Kubernetes): cert-manager is a certificate management controller that can run on EKS. cert-manager will issue certificates from Let’s Encrypt, HashiCorp Vault, Venafi, a simple signing key pair, or self-signed. A big benefit is that it will ensure certificates are valid and up to date, and attempt to renew certificates at a configured time before expiry.
An open source tool called k8s-webhook-cert-manager can also be used in this scenario. Link: https://github.com/newrelic/k8s-webhook-cert-manager
Another open source tool is available which is based on the above tool, called k8s-webhook-certificator. Link: https://github.com/Trendyol/k8s-webhook-certificator
I would recommend using cert-manager on EKS, which is a CNCF project. If not, the other 2 tools mentioned.
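A minimal cert-manager setup for the webhook TLS case described in the answer above, as an added example that is not part of the original answer. The namespace `webhooks`, the Service name `my-webhook`, the webhook path and all resource names are assumed placeholders.

```yaml
# Added example: every name, namespace and path below is a placeholder (assumption).
apiVersion: cert-manager.io/v1
kind: Issuer
metadata:
  name: webhook-selfsigned
  namespace: webhooks
spec:
  selfSigned: {}                   # simplest issuer; a CA or Vault issuer also works
---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
  name: my-webhook-tls
  namespace: webhooks
spec:
  secretName: my-webhook-tls       # Secret the webhook pod mounts (tls.crt / tls.key)
  duration: 2160h                  # certificate lifetime: 90 days
  renewBefore: 360h                # renew 15 days before expiry
  dnsNames:                        # must match the name kube-apiserver dials
    - my-webhook.webhooks.svc
    - my-webhook.webhooks.svc.cluster.local
  issuerRef:
    name: webhook-selfsigned
    kind: Issuer
---
apiVersion: admissionregistration.k8s.io/v1
kind: ValidatingWebhookConfiguration
metadata:
  name: my-webhook
  annotations:
    # cainjector copies the CA from <namespace>/<Certificate name> into caBundle
    cert-manager.io/inject-ca-from: webhooks/my-webhook-tls
webhooks:
  - name: validate.my-webhook.example.com
    admissionReviewVersions: ["v1"]
    sideEffects: None
    failurePolicy: Fail
    clientConfig:
      service:
        name: my-webhook
        namespace: webhooks
        path: /validate
        port: 443
    rules:
      - apiGroups: [""]
        apiVersions: ["v1"]
        operations: ["CREATE", "UPDATE"]
        resources: ["pods"]
```

The cainjector component keeps `caBundle` in step with the Certificate's Secret, so kube-apiserver continues to trust the webhook after each renewal. The webhook process still has to reload the renewed key pair from the mounted Secret.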