Это статус моего сертификата:
Status:
Conditions:
Last Transition Time: 2021-04-07T21:43:09Z
Message: Issuing certificate as Secret does not exist
Reason: DoesNotExist
Status: True
Type: Issuing
Last Transition Time: 2021-04-07T21:43:10Z
Message: Certificate is up to date and has not expired
Reason: Ready
Status: True
Type: Ready
Next Private Key Secret Name: homeautomation-tls-secret-rcq5l
Not After: 2021-07-06T21:43:10Z
Not Before: 2021-04-07T21:43:10Z
Renewal Time: 2021-06-06T21:43:10Z
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Issuing 13m cert-manager Issuing certificate as Secret does not exist
Normal Generated 13m cert-manager Stored new private key in temporary Secret resource "homeautomation-tls-secret-rcq5l"
Normal Requested 13m cert-manager Created new CertificateRequest resource "homeautomation-tls-secret-wzvm8"
Normal Issuing 13m (x2 over 13m) cert-manager Issued temporary certificate
Проверяя Challenge, я получаю следующее:
Status:
Presented: true
Processing: true
Reason: Waiting for HTTP-01 challenge propagation: did not get expected response when querying endpoint, expected "dD7r5-43sZ_9SXZWHsK6I3WRO1mP4EMeJx3zwcvNsfo.QCUeQgKws4fAcr_fkpJwEpGdXCzbNMUU-CH3SUIrGK0" but got:
State: pending
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Started 6m30s cert-manager Challenge scheduled for processing
Normal Presented 6m30s cert-manager Presented challenge using HTTP-01 challenge mechanism
Когда я пытаюсь просмотреть сайт в Firefox, я получаю:
Код ошибки: SEC_ERROR_UNKNOWN_ISSUER
Похоже, мне выдан временный самозаверяющий сертификат, но не настоящий сертификат letsencrypt.
На моем Ingress есть следующие аннотации:
annotations:
cert-manager.io/cluster-issuer: letsencrypt-prod
cert-manager.io/issue-temporary-certificate: "true"
acme.cert-manager.io/http01-edit-in-place: "true"
В чем может быть проблема?