Using Cert manager to generate certificates fails
ppodevlabs opened this issue · comments
Bug description
Deploy capsule-proxy with cert-manager to generate the certificates fails.
The certificate request includes the fqdn for the service created. https://github.com/clastix/capsule-proxy/blob/master/charts/capsule-proxy/templates/certmanager.yaml#L48-L49 which contains invalid fqdn making the deployment to fail as the certficate never get into a valid state.
How to reproduce
Configure the deployment to use cert-manager to generate the certificate
certManager:
generateCertificates: true
externalCA:
secretName: "capsule-proxy"
issuer:
kind: ClusterIssuer # Issuer or ClusterIssuer
name: letsencrypt
Expected behavior
The deployment should be successful when using cert-manager to generate the certificates.
Logs
urn:ietf:params:acme:error:malformed: [dns: capsule-proxy] Error creating new order :: Domain name needs at least one dot
urn:ietf:params:acme:error:malformed: [dns: capsule-proxy.capsule-system.svc] Error creating new order :: Domain name does not end with a valid public suffix (TLD)
Hi @@ppodevlabs,
thanks for sharing the issue.
I think so @prometherion. I've just asked for a feedback on a change I proposed on that.
So @ppodevlabs, I ask for a bit of patience on this, the PR is already under review :-)
@oliverbaehler QQ, is #346 addressing this need, too?
Wondering if we could close this, if it's so.
@prometherion i dont think so, i will add additional values to execlude our default local fqdns