I don’t undestand why i can’t get certificates on K8S using cert-manager
-
I installed cert-manager : https://github.com/cert-manager/cert-manager/releases/download/v1.7.1/cert-manager.crds.yaml
-
I created ClusterIssuer
apiVersion: cert-manager.io/v1 kind: ClusterIssuer metadata: name: letsencrypt-staging spec: acme: email: [email protected] server: https://acme-staging-v02.api.letsencrypt.org/directory privateKeySecretRef: name: example-issuer-account-key solvers: - http01: ingress: class: nginx
-
I created ingress
apiVersion: networking.k8s.io/v1 kind: Ingress metadata: annotations: kubernetes.io/ingress.class: nginx cert-manager.io/cluster-issuer: letsencrypt-staging spec: rules: - host: mytest.example.fr http: paths: - path: / pathType: Prefix backend: service: name: webapp port: number: 80 tls: - hosts: - mytest.example.fr secretName: letsencrypt-staging
But when i try to get an certificate i get ‘no resources found’
Any idea ?
Thank you for your help
2
Answers
Certificates are not created automatically by cert-manager.
You have to create a YAML yourself. And use the issuer name that you have already created
If you don’t want to create kind certificate you can use
ingress will call clusterisser and it will auto-create certificate for you.
Update ingress resources as per need if you are higher version 1.18 or above
Notes
Make sure you are using the URL
https://acme-v02.api.letsencrypt.org/directory
in clusterissue or else you will get fake certificate in browser.For refrence you can read more here :
https://stackoverflow.com/a/55183209/5525824
Make sure also you ingress pointing to proper clusterissuer if
you have created new.
Also don’t use same privateKeySecretRef:name: secret-name you
need to delete it or use the new name as fake certificate
now stored in that secret so.