0

We have kube-lego setup so the certs should've auto-renewed. It didnt and according to the logs below it seems to be a problem with reaching the sites:

time="2019-08-28T22:17:26Z" level=warning msg="authorization failed after 5m0s: reachability test failed: Get https://my.website.com/.well-known/acme-challenge/_selftest: x509: certificate has expired or is not yet valid" context=acme domain=my.website..com
time="2019-08-28T22:17:26Z" level=error msg="Error while processing certificate requests: no domain could be authorized successfully" context=kubelego
time="2019-08-28T22:17:26Z" level=error msg="worker: error processing item, requeuing after rate limit: no domain could be authorized successfully" context=kubelego

I have looked into all the solutions I could google. I have killed the coredns pods and killed the kube-lego pod but it has not resolved the issue

jww
  • 97,681
  • 90
  • 411
  • 885
Aech
  • 9
  • 4
  • What version of Kubernetes do you use ? Keep in mind that the latest Kubernetes release that kube-lego officially supports is 1.8 which is quite obsolete now. The officially endorsed successor is cert-manager. – mario Aug 29 '19 at 09:46
  • When this was deployed I think we had an older version of kubernetes running in AKS. I dont "think" it was 1.8 old but def older then the version we had to update to recently for a critical patch (as per Azure's email notification). Thats probably a big reason why its not working. I'll get to work on migrating it over to cert manager. I saw that info before but it never occured to me to check version – Aech Aug 29 '19 at 13:08
  • I had some struggles with Cert-Manager (the instructions aren't 100% correct) – Aech Aug 30 '19 at 13:20
  • 1
    which instructions aren't clear for Cert manager? Changing to Cert Manager is definitely the way, we setup on an AKS instance using this https://docs.cert-manager.io/en/latest/getting-started/install/kubernetes.html, the only thing we had to do was disable the webhooks functionality – Spazzy757 Sep 05 '19 at 11:19

0 Answers0