I am using cert-manager with this custom wildcard certificate
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
name: letsencrypt-myapp-issuer
spec:
acme:
server: https://acme-v02.api.letsencrypt.org/directory
email: app@example.com # CHANGE-ME
privateKeySecretRef:
name: wildcard-myapp-com
solvers:
# ACME DNS-01 provider configurations
- dns01:
cloudDNS:
serviceAccountSecretRef:
name: clouddns-service-account
key: dns-service-account.json
project: myapp
selector:
dnsNames:
- '*.myapp.com'
- myapp.com
---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: myapp-com-tls
namespace: default
spec:
secretName: myapp-com-tls
issuerRef:
name: letsencrypt-myapp-issuer
commonName: '*.myapp.com'
dnsNames:
- '*.myapp.com'
- myapp.com
I am deploying Nginx ingress with kustomize
spec:
template:
spec:
containers:
- name: controller
args:
- /nginx-ingress-controller
- --publish-service=$(POD_NAMESPACE)/ingress-nginx-controller
- --election-id=ingress-controller-leader
- --controller-class=k8s.io/ingress-nginx
- --ingress-class=nginx
- --configmap=$(POD_NAMESPACE)/ingress-nginx-controller
- --validating-webhook=:8443
- --validating-webhook-certificate=/usr/local/certificates/cert
- --validating-webhook-key=/usr/local/certificates/key
- --default-ssl-certificate=default/myapp-com-tls # NOTE THIS LINE
When I open the logs of the ingress controller, I could see this error
Error loading custom default certificate, falling back to generate ││ local SSL certificate default/myapp-com-tls was not found
What I can do to troubleshoot this?
UPDATE
If I run
kubectl get secret myapp-com-tls --namespace default
It returns nothing. However, if I run
kubectl get secret myapp.com-tls-qpmpr --namespace default
It returns
NAME TYPE DATA AGE
myapp.com-tls-qpmpr Opaque 1 47m
However, if I change to this on YAML, I get the same error
--default-ssl-certificate=default/myapp.com-tls-qpmpr
$ kubectl describe certificates myapp-com-tls -n cert-manager
Error from server (NotFound): certificates.cert-manager.io "myapp-com-tls" not found
