Cert-manager on Rancher 2.x (via catalogue)

Hi All,

Hoping someone may be able to provide some assistance.

It seems I’m unable to get ingress-shim to actually generate a certificate for any created ingresses (with the annotation kubernetes.io/tls-acme: “true”).

I can see it recognised via the ingress-shim (I used a random workload as the target) with:

I0908 02:40:35.479943 1 controller.go:152] ingress-shim controller: syncing item ‘cattle-system/test4’

08/09/2018 12:40:35 I0908 02:40:35.483316 1 controller.go:166] ingress-shim controller: Finished processing work item “cattle-system/test4”.

Any advice would be appreciated.

I’ve attempted this with ingresses in various namespaces and projects, all have the same effect.

My clusterissuer config is available here:


Found the issue: https://github.com/rancher/rancher/issues/15421

Requires a TLS block in the ingress, which Rancher doesn’t add unless you specify an existing certificate.