I have Kubernetes running in Azure (AKS). I want to create some certificates using cert-manager, so I configured the cluster issuer as follows:
```yaml
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
  name: test-cluster-issuer
spec:
  acme:
    server: https://acme-v02.api.letsencrypt.org/directory
    email: <my-email>
    privateKeySecretRef:
      name: test-cluster-issuer
    solvers:
    - http01:
        ingress:
          class: istio
---
apiVersion: networking.k8s.io/v1
kind: IngressClass
metadata:
  name: istio
spec:
  controller: istio.io/ingress-controller
```
So far all good. I then tried to create a Certificate kind:
```yaml
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
  name: istio-cert
  namespace: istio-system
spec:
  secretName: istio-cert
  dnsNames:
  - dns1.example.com
  - dns2.example.com
  - dns3.example.com
  - dns4.example.com
  - dns5.example.com
  - dns6.example.com
  - dns7.example.com
  - dns8.example.com
  - dns9.example.com
  - dns10.example.com
  - dns11.example.com
  issuerRef:
    name: test-cluster-issuer
    kind: ClusterIssuer
    group: cert-manager.io
```
When I apply the certificate YAML, I go to check the kubectl challenges and all goes well: all the DNS names are valid and registered, and the describe on the certificate shows the expiry date, the renewal and all the DNS names I passed in the YAML file. But when I hit some of those URLs (random every time), some of them have a certificate attached and others do not.

Am I doing something wrong here? I am really confused why, every time I run the certificates, the SSL cert is working on random DNS names and not on others.

I hope I explained the issue properly; if not, and you need more details, please do not hesitate to ask for more details. Thank you so much.
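
One way to pin down which names intermittently lack a matching certificate, as an added example that is not part of the original post: the script below performs repeated TLS handshakes with SNI set to each hostname and reports whether the served certificate's SANs cover that name. The function names and the sample data are assumptions made for this example.

```python
import hashlib, socket, ssl, sys

def san_covers(host, dns_sans):
    """True if host matches a SAN dNSName (exact, or one-label wildcard)."""
    host = host.lower().rstrip(".")
    for san in (s.lower().rstrip(".") for s in dns_sans):
        if san == host:
            return True
        if san.startswith("*.") and host.partition(".")[2] == san[2:]:
            return True
    return False

def probe(host, port=443, timeout=5.0):
    """One TLS handshake with SNI=host. Returns (cert id or error, DNS SANs)."""
    ctx = ssl.create_default_context()
    # The chain is still verified; name matching is done by san_covers instead,
    # so a certificate for the wrong name is reported rather than rejected.
    ctx.check_hostname = False
    try:
        with socket.create_connection((host, port), timeout=timeout) as raw:
            with ctx.wrap_socket(raw, server_hostname=host) as tls:
                der = tls.getpeercert(binary_form=True)
                names = tls.getpeercert().get("subjectAltName", ())
    except OSError as exc:  # covers ssl.SSLError, timeouts and resets
        return ("error:" + type(exc).__name__, [])
    return (hashlib.sha256(der).hexdigest()[:16],
            [v for k, v in names if k == "DNS"])

def summarize(host, results):
    """Classify repeated probe results for one host."""
    covered = sum(1 for _, sans in results if san_covers(host, sans))
    status = ("ok" if covered == len(results)
              else "never" if covered == 0 else "intermittent")
    return {"host": host, "status": status, "covered": covered,
            "attempts": len(results),
            "distinct_responses": len({fp for fp, _ in results})}

# Constructed sample: three probes of one name whose responses differ.
SAMPLE = [("3f1c9a0b7d2e4c55", ["dns1.example.com", "dns2.example.com"]),
          ("error:SSLError", []),
          ("9b8e11aa02cd77f0", ["gateway.local"])]

if __name__ == "__main__":
    hosts = sys.argv[1:]
    if not hosts:  # no arguments: run offline on the constructed sample
        print(summarize("dns1.example.com", SAMPLE))
    for h in hosts:  # live mode: five handshakes per hostname
        print(summarize(h, [probe(h) for _ in range(5)]))
```

Pass the hostnames from `dnsNames` as arguments; an `intermittent` status with more than one distinct response means different handshakes for the same name are being answered with different certificates or failures.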