Kubernetes cert-manager Issuer using CA root cert. #2434
Unanswered
bradmesserle
asked this question in
General
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
I need to install the ca root cert into kerbernetes cluster so the cert-manager issuer use it when calling the ACME endpoint.
E1016 00:21:27.292243 1 setup.go:265] "failed to register an ACME account" err="Get "https://utly-01/acme/acme/directory\": tls: failed to verify certificate: x509: certificate signed by unknown authority" logger="cert-manager.controller" resource_name="dev-issuer" resource_namespace="cert-manager" resource_kind="Issuer" resource_version="v1" related_resource_name="dev-issuer" related_resource_namespace="cert-manager" related_resource_kind="Secret"
I have also installed the trust-manager.. I tried creating a trust bundle.. but that did not work.
So anyone knows how to get the cert-manager issuer to use my ca's root cert?
This is my yaml for cert-manager..
apiVersion: cert-manager.io/v1
kind: Issuer
metadata:
name: dev-issuer
namespace: cert-manager
spec:
acme:
server: https://utly-01/acme/acme/directory
email: [email protected]
privateKeySecretRef:
name: dev-issuer
solvers:
- dns01:
rfc2136:
nameserver: dns-01:53
tsigKeyName: externaldns
tsigAlgorithm: HMACSHA256
tsigSecretSecretRef:
name: tsig-secret
key: tsig-secret-key
Thank You.
Beta Was this translation helpful? Give feedback.
All reactions