ClusterIssuer not found

We are using Terraform and Helm on Azure to set up a new cert-manager and certificate using LetsEncrypt but keep getting an error

When I type:
kubectl describe certificates --all-namespaces

I get the following Issuer information
Issuer Ref:
Group: cert-manager.io
Kind: ClusterIssuer
Name: letsencrypt-staging
Secret Name: tls-secret-staging
Usages:
digital signature
key encipherment
Status:
Conditions:
Last Transition Time: 2021-08-11T19:50:46Z
Message: Issuing certificate as Secret does not exist
Observed Generation: 3
Reason: DoesNotExist
Status: False
Type: Ready
Last Transition Time: 2021-08-11T19:50:46Z
Message: Issuing certificate as Secret does not exist
Observed Generation: 1
Reason: DoesNotExist
Status: True
Type: Issuing
Next Private Key Secret Name: tls-secret-staging-xsdnd
Events:
Type Reason Age From Message


Normal Requested 39m cert-manager Created new CertificateRequest resource "tls-secret-staging-f45qd"

And then when checking the CertificateRequest using "kubectl describe certificaterequest tls-secret-staging-f45qd -n gateway" I get

Status:
Conditions:
Last Transition Time: 2021-08-12T07:03:31Z
Message: Certificate request has been approved by cert-manager.io
Reason: cert-manager.io
Status: True
Type: Approved
Last Transition Time: 2021-08-12T07:03:31Z
Message: Referenced "ClusterIssuer" not found: clusterissuer.cert-manager.io "letsencrypt-staging" not found
Reason: Pending
Status: False
Type: Ready
Events:
Type Reason Age From Message


Normal cert-manager.io 46m cert-manager Certificate request has been approved by cert-manager.io
Normal IssuerNotFound 46m (x5 over 46m) cert-manager Referenced "ClusterIssuer" not found: clusterissuer.cert-manager.io "letsencrypt-staging" not found

1 Like

Hi, see this github issue for cert-manager: ClusterIssuer not found · Issue #2487 · jetstack/cert-manager · GitHub

2 Likes

Thanks, already reading through that one but I think we've tried most things on there with no luck.

2 Likes

What does your ACME config look like vs ACME | cert-manager ?

You can use opening and closing triple backtick ` to format code

2 Likes

And what is the output of kubectl describe clusterissuer letsencrypt-staging?

I presume you already know that lets encrypt staging is for test (fake) certificates.

2 Likes

Yes we know. I think we have it working now - the guy who originally set it up came back for an hour and had missed telling us one manual step he used. I'll post our solution as soon as I hear about it :slight_smile:

2 Likes

We hadn't included the cluster-issuer.yaml and installed it using kubectl

3 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.