K
Q

K8S: Unable to Create wildcard SSL using Issuer with acmedns provider

11/30/2018

I have tried to create wildcard SSL certificate using k8s certmanager and issuer with acmedns acme provider. I have created the credentials by POST requesting to /register URL and tested the acmedns successfully. However I am unable to create new wildcard SSL certificate using the k8s issuer. I am adding my issuer YAML file below,

apiVersion: certmanager.k8s.io/v1alpha1
kind: Issuer
metadata:
  annotations:
 name: letsencrypt-wildcard-prod
namespace: default
spec:
  acme:
    dns01:
      providers:
        acmedns:
          accountSecretRef:
            key: acmedns.json
            name: acme-dns
          host: http://auth.mydomain.com
    email: info@mydomain.com
    privateKeySecretRef:
      name: letsencrypt-prod
    server: https://acme-v02.api.letsencrypt.org/directory

I have created the secret acme-dns using the json output got from the /register output. Also, adding the k8s certificate YAML here

apiVersion: certmanager.k8s.io/v1alpha1
kind: Certificate
metadata:
  name: wildcard-mydomain.com
  namespace: default
spec:
  acme:
    config:
    - dns01:
        provider: acmedns
      domains:
      - '*.mydomain.com'
  commonName: '*.mydomain.com'
  dnsNames:
  - '*.mydomain.com'
  issuerRef:
    kind: Issuer
    name: letsencrypt-wildcard-prod
  secretName: wildcard-mydomain.com-tls

I am getting the following error from the cert-manager:

E1129 16:30:31.881025 1 reflector.go:205] 
github.com/jetstack/cert-manager/pkg/client/informers/
externalversions/factory.go:71: Failed to list
*v1alpha1.Issuer: v1alpha1.IssuerList: Items:
[]v1alpha1.Issuer: v1alpha1.Issuer: Spec: v1alpha1.
IssuerSpec: IssuerConfig: ACME: v1alpha1.ACMEIssuer:
DNS01: v1alpha1.ACMEIssuerDNS01Config: Providers:
[]v1alpha1.ACMEIssuerDNS01Provider:

ReadArrayCB: 
expect [ or n, but found {, error found in #10 byte 
of ...|oviders":{"acmedns":|..., bigger context 
...|81551da95"},
"spec":{"acme":{"dns01":{"providers":
{"acmedns":{"accountSecretRef":{"key":"acmedns.json|...

E1129 16:30:32.887374 1 reflector.go:205] github.com/
jetstack/cert-manager/pkg/client/informers/externalversions
/factory.go:71: Failed to list *v1alpha1.Issuer: v1alpha1.
IssuerList: Items: []v1alpha1.Issuer: v1alpha1.Issuer: 
Spec: v1alpha1.IssuerSpec: IssuerConfig: ACME: v1alpha1.
ACMEIssuer: DNS01: v1alpha1.ACMEIssuerDNS01Config: 
Providers: []v1alpha1.ACMEIssuerDNS01Provider: 

ReadArrayCB: 
expect [ or n, but found {, error found in #10 
byte of ...|oviders":{"acmedns":|..., 

bigger context
...|81551da95"},"spec":{"acme":{"dns01":
{"providers":{"acmedns":{"accountSecretRef":
{"key":"acmedns.json|...
-- Basheer.O
cert-manager
kubernetes
ssl

Similar Questions

Running a daemonset on all nodes of a kubernetes cluster
How to trigger alert in Kubernetes using Prometheus Alert Manager
Routing between Kubernetes cluster and Docker container in the VM
Get docker image LABELS via Kubernetes API
Change part of the link depends of environment in typescript

0 Answers