Stack Overflow
Stack Overflow

Questions tagged [cert-manager]

For questions about the open source cert-manager project for Kubernetes, a CNCF project.

387 questions
43
votes
3 answers

Issuing certificate as Secret does not exist

Below is the describe output for both my clusterissuer and certificate reource. I am brand new to cert-manager so not 100% sure this is set up properly - we need to use http01 validation however we are not using an nginx controller. Right now we…
NealR
  • 10,189
  • 61
  • 159
  • 299
18
votes
6 answers

CertManager Letsencrypt CertificateRequest "failed to perform self check GET request"

Waiting for http-01 challenge propagation: failed to perform self check GET request, it's similar to this bug https://github.com/jetstack/cert-manager/issues/656 but all solutions from GitHub ticket comments didn't help. I'm trying to set up…
Kirill
  • 7,580
  • 6
  • 44
  • 95
16
votes
1 answer

Waiting on certificate issuance from order status "pending"

I'm running into an issue handling tls certificates with cert-manager, I'm following the documentation and added some extras to work with Traefik as an ingress. Currently, I have this YAML files: cluster-issuer.yaml apiVersion:…
maudev
  • 974
  • 1
  • 14
  • 32
14
votes
2 answers

can't get certs working with cert-manager

I can't seem to get cert-manager working: $ kubectl get certificates -o wide NAME READY SECRET ISSUER STATUS AGE example-ingress False …
yee379
  • 6,498
  • 10
  • 56
  • 101
12
votes
1 answer

Kubernetes cert-manager not updating certificates after issuer change

I am using cert-manager 0.5.2 to manage Let's Encrypt certificates on our Kubernetes cluster. I was using the Let's Encrypt staging environment, but have now moved to use their production certificates. The problem is that my applications aren't…
Dave New
  • 38,496
  • 59
  • 215
  • 394
10
votes
5 answers

How can I fix 'failed calling webhook "webhook.cert-manager.io"'?

I'm trying to set up a K3s cluster. When I had a single master and agent setup cert-manager had no issues. Now I'm trying a 2 master setup with embedded etcd. I opened TCP ports 6443 and 2379-2380 for both VMs and did the following: VM1: curl -sfL…
Steffen
  • 1,328
  • 3
  • 12
  • 29
10
votes
2 answers

How to setup Letsencrypt with Kubernetes microk8s using default Ingress?

Recently, I tried to setup letsencrypt using microk8s and the default ingress controller on a bare-metal server. I found a few guides online that were very useful but it seems as if there must have been a recent update to microk8s that changed the…
Emmanuel Mendoza
  • 721
  • 7
  • 12
10
votes
2 answers

How to automatically load new TLS Certificates for Envoy Proxy?

I'm using https://github.com/jetstack/cert-manager in a Kubernetes environment to automatically load https://letsencrypt.org/. It creates certificates that expire in 90 days. 30 days prior to expiration, cert-manager renews the certificates and…
Cameron Taggart
  • 5,771
  • 4
  • 45
  • 70
9
votes
1 answer

cert-manager is creating new ingress with acme responder instead of modifying the existing

I'm trying to use cert-manager to issue a certificate via LetsEncrypt. I've followed through with the steps here http://docs.cert-manager.io/en/latest/getting-started/index.html However, my existing ingress is not being modified (I assume it needs…
Chris Stryczynski
  • 30,145
  • 48
  • 175
  • 286
8
votes
2 answers

Kubernetes not getting Letsencrypt Cert

I have installed microk8s, traefik and cert-manager. When I try to receive a letsencrypt certificate, a new pod for answering the challenge is created, but the request from the letsencryt server does not reach this pod. Instead, the request is…
Peter
  • 2,051
  • 1
  • 15
  • 20
8
votes
1 answer

Cert-Manager Certificate Renewal process - How it is performed?

I am using cert-manager-v0.10.0 installed from its helm chart I am using kong like ingress controller to manage the ingress operations. So I have created a ClusterIssuer resource in order it could be contacted from an Ingress resource via…
bgarcial
  • 2,915
  • 10
  • 56
  • 123
8
votes
2 answers

cert-manager letsencrypt order pending

My letsencrypt order keeps pending. I am using cert-manager on my single node kubernetes plane. Also I am using letsencrypt. kind: Certificate metadata: name: example-zone namespace: default spec: secretName: example-zone-tls renewBefore:…
Pascal K.
  • 138
  • 1
  • 3
  • 12
8
votes
1 answer

standard ingress for certificate management combined with istio

Currently Istio does not support a fully automated certificate procedure. The standard ingress does support this by means of cert-manager. Would it be possible to combine standard ingress configuration for certification management with istio for…
musicformellons
  • 12,283
  • 4
  • 51
  • 86
7
votes
1 answer

How to solve "All hosts are taken by other resources" on Google Cloud?

I currently have a Kubernetes cluster running on GCP. In this cluster I have a working NGINX Ingress, but now I'm trying add a certificate to this by using cert-manager. Everything works fine except the ACME challenge. When I do a kubectl describe…
Modx
  • 223
  • 2
  • 9
7
votes
1 answer

Can I use Google Managed Certificate in Google Kubernetes engine with NGINX INGRESS Controller?

I have a NGINX Ingress in my GKE. I want make my URL secure. But I unfortunately I am unable to achieve that via cert-manager. I see an option to create Managed Certificates. But I am not sure if there is an annotation that allow me to use google…
Ram
  • 655
  • 2
  • 7
  • 27
1
2 3
25 26