the ingress shim I think is buggy or something… here’s a sample issuer config
kind: ClusterIssuer
metadata:
name: letsencrypt
spec:
acme:
# The ACME production api URL
server: https://acme-v01.api.letsencrypt.org/directory
# Email address used for ACME registration
email: tools@whateveremail.com
# Name of a secret used to store the ACME account private key
privateKeySecretRef:
name: letsencrypt-production
# Enable the HTTP-01 challenge provider
http01: {}
and a sample Certificate
apiVersion: certmanager.k8s.io/v1alpha1
kind: Certificate
metadata:
name: www-something-com
namespace: namespacetouse
spec:
secretName: www-something-com-tls
issuerRef:
name: letsencrypt
kind: ClusterIssuer
commonName: thedomain
dnsNames:
- thedomain
acme:
config:
- http01:
ingressClass: nginx
domains:
- thedomain