I have a setup with one Rancher k8s cluster, and one cluster for my apps and services. cert-manager in the rancher cluster is failing to renew the LE certificate. I get this in the log:
I0513 12:19:38.393882 1 controller.go:68] Starting ingress-shim controller │
I0513 12:19:40.617820 1 controller.go:171] certificates controller: syncing item 'cattle-system/tls-rancher-ingress' │
I0513 12:19:40.621714 1 sync.go:312] Preparing certificate cattle-system/tls-rancher-ingress with issuer │
I0513 12:19:40.621791 1 sync.go:319] Renewing certificate... │
I0513 12:19:40.631604 1 sync.go:206] Certificate cattle-system/tls-rancher-ingress scheduled for renewal in -865 hours │
E0513 12:19:40.631758 1 controller.go:180] certificates controller: Re-queuing item "cattle-system/tls-rancher-ingress" due to error processing: error creating x509 certificate: x509: only RSA and ECDSA public keys supported │
I0513 12:19:43.636945 1 controller.go:168] ingress-shim controller: syncing item 'cattle-system/rancher' │
I0513 12:19:43.637109 1 sync.go:140] Certificate "tls-rancher-ingress" for ingress "rancher" already exists │
I0513 12:19:43.650782 1 controller.go:141] issuers controller: syncing item 'cattle-system/rancher' │
I0513 12:19:43.658058 1 setup.go:71] Signing CA verified │
I0513 12:19:43.665711 1 controller.go:155] issuers controller: Finished processing work item "cattle-system/rancher" │
I0513 12:19:43.690981 1 controller.go:182] ingress-shim controller: Finished processing work item "cattle-system/rancher" │
I0513 12:19:44.640130 1 controller.go:171] certificates controller: syncing item 'cattle-system/tls-rancher-ingress' │
I0513 12:19:44.646626 1 sync.go:312] Preparing certificate cattle-system/tls-rancher-ingress with issuer │
I0513 12:19:44.653540 1 sync.go:319] Renewing certificate... │
I0513 12:19:44.684328 1 sync.go:206] Certificate cattle-system/tls-rancher-ingress scheduled for renewal in -865 hours │
E0513 12:19:44.685544 1 controller.go:180] certificates controller: Re-queuing item "cattle-system/tls-rancher-ingress" due to error processing: error creating x509 certificate: x509: only RSA and ECDSA public keys supported
I’ve googled it, and search the issue board for both k8s, cert-manager and Rancher, but I can’t find a fix to it.
Can anyone shed some light on what’s going on here…?
Thanks in advance.