Hello together, I just realized that my certificates from letsencrypt are not updating anymore. Can someone explain me how I can force letsencrypt to update all certifcates in my cluster and how I could debug things that fail?
Thanks a lot for your help.
Best regards,
Christoph
I am currently running cert-manager 0.11.0.
kc get certificate --all-namespaces -o custom-columns=“NAMESPACE:.metdata.namespace,NAME:.metadata.name,OWNER:.metadata.ownerReferences[0].kind,OLD FORMAT:.spec.acme”
NAMESPACE NAME OWNER OLD FORMAT
my-nutri-diary.de-crt Ingress
www.my-nutri-diary.de-crt Ingress
dev-my-nutri-diary-crt Ingress
dev.my-nutri-diary-crt Ingress
dev-my-nutri-diary-crt Ingress
dev-my-nutri-diary-crt Ingress
gitlab-tls-crt Ingress
minio-tls-crt Ingress
registry-tls-crt Ingress
prod.my-nutri-diary-crt Ingress
prod-my-nutri-diary-crt Ingress
prod-my-nutri-diary-crt Ingress
staging.my-nutri-diary-crt Ingress
staging-my-nutri-diary-crt Ingress
staging-my-nutri-diary-crt Ingress
I had a look into the logs of cert-manager. I got lots of error of the following kind. Can someone tell what these errors mean and what might go wrong here?
E0526 21:48:59.272036 1 sync.go:184] cert-manager/controller/challenges “msg”=“propagation check failed” “error”=“wrong status code ‘503’, expected ‘200’” “dnsName”=“gitlab.my-nutri-diary.de” “resource_kind”=“Challenge” “resource_name”=“gitlab-tls-crt-3702062889-1085796334-810123510” “resource_namespace”=“gitlab” “type”=“http-01”
26.5.2020 23:48:59 I0526 21:48:59.272104 1 controller.go:135] cert-manager/controller/challenges “level”=0 “msg”=“finished processing work item” “key”=“gitlab/gitlab-tls-crt-3702062889-1085796334-810123510”
26.5.2020 23:48:59 I0526 21:48:59.324791 1 controller.go:129] cert-manager/controller/challenges “level”=0 “msg”=“syncing item” “key”=“staging-nginx/staging-my-nutri-diary-crt-603438673-3589057284-2184142743”
26.5.2020 23:48:59 I0526 21:48:59.325186 1 pod.go:58] cert-manager/controller/challenges/http01/selfCheck/http01/ensurePod “level”=0 “msg”=“found one existing HTTP01 solver pod” “dnsName”=“staging.my-nutri-diary.de” “related_resource_kind”=“Pod” “related_resource_name”=“cm-acme-http-solver-vn64d” “related_resource_namespace”=“staging-nginx” “resource_kind”=“Challenge” “resource_name”=“staging-my-nutri-diary-crt-603438673-3589057284-2184142743” “resource_namespace”=“staging-nginx” “type”=“http-01”
26.5.2020 23:48:59 I0526 21:48:59.325282 1 service.go:43] cert-manager/controller/challenges/http01/selfCheck/http01/ensureService “level”=0 “msg”=“found one existing HTTP01 solver Service for challenge resource” “dnsName”=“staging.my-nutri-diary.de” “related_resource_kind”=“Service” “related_resource_name”=“cm-acme-http-solver-nfmdx” “related_resource_namespace”=“staging-nginx” “resource_kind”=“Challenge” “resource_name”=“staging-my-nutri-diary-crt-603438673-3589057284-2184142743” “resource_namespace”=“staging-nginx” “type”=“http-01”