CODEWITHSUNDEEP
sslkubernetescert-manager
matt_lethargic
matt_lethargic

Reputation: 2786

Cert Manager - Cluster Issuer Error - tls: handshake failure

I've setup cert mananger on microk8s following these instructions, I had it working 6 months ago but have since had to start again from scratch. Now when I setup my Cluster Issuer I'm getting the error below.

Everything else seems fine and in a good state. I'm struggling to know where to start debugging this.

Error initializing issuer: Get "https://acme-v02.api.letsencrypt.org/directory": remote error: tls: handshake failure

Cluster Issuer yaml

apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
  name: letsencrypt-prod
spec:
  acme:
    email: <myemail>
    server: https://acme-v02.api.letsencrypt.org/directory
    privateKeySecretRef:
      name: prod-issuer-account-key
    solvers:
    - http01:
        ingress:
          class: nginx

UPDATE Some extra info

All pods for cert manager are running, here are the logs

cert-manager pod logs cert-manager-cainjector logs only shows some warnings about deprecated apis cert-mananger-webhook logs

Describe ClusterIssuer

I've tried to get a cert for an ingress resource but it errors saying the cluster issuer isn't in a ready state

Upvotes: 1

Views: 1970

Answers (1)

matt_lethargic
matt_lethargic

Reputation: 2786

After uninstalling and reinstalling everything including Microk8s I tried again no luck. Then I tried using the latest helm chart v1.0.2 which had a newer cert-manager version, seemed to work straight away.

Another note, mainly to myself. This issue was also caused by having search domains setup in netplan, once removed everything started working.

Upvotes: 2

Related Questions