INT 21h

Hi, I am Vladimir Smagin, SysAdmin and Kaptain. Telegram Email / GIT / RSS / GPG

cert-manager can’t resolve new domain to perform HTTP01 challenge

№ 10443 В разделе Sysadmin от December 14th, 2019,
В подшивках: , ,

In ingress resource you created new domain to perform HTTP01 challenge and obtain new LE certificate but something goes wrong in log file:

E1214 14:35:06.644315 1 sync.go:183] cert-manager/controller/challenges "msg"="propagation check failed" "error"="failed to perform self check GET request '': Get dial tcp: lookup on no such host" "dnsName"="" "resource_kind"="Challenge" "resource_name"="tls-test-k8s-blindage-org-749846670-0" "resource_namespace"="testing" "type"="http-01"

… and this error repeats multiple times without any progress. Its managed Kubernetes in DigitalOcean.

To solve this problem just uncomment these lines in Helm chart of cert-manager to provide your own nameservers:

podDnsPolicy: "None"
    - ""
    - ""

Voila! You got new certificate.

Нет комментариев »

Leave a Reply

Your email address will not be published. Required fields are marked *


Облачная платформа

Fortune cookie: "I go the way that Providence dictates with the assurance of a sleepwalker." [Adolf Hitler, Speech, 15 March 1936, Munich, Germany.]