ClusterIssuer not found

bevanjf · August 12, 2021, 7:50am

We are using Terraform and Helm on Azure to set up a new cert-manager and certificate using LetsEncrypt but keep getting an error

When I type:
kubectl describe certificates --all-namespaces

I get the following Issuer information
Issuer Ref:
Group: cert-manager.io
Kind: ClusterIssuer
Name: letsencrypt-staging
Secret Name: tls-secret-staging
Usages:
digital signature
key encipherment
Status:
Conditions:
Last Transition Time: 2021-08-11T19:50:46Z
Message: Issuing certificate as Secret does not exist
Observed Generation: 3
Reason: DoesNotExist
Status: False
Type: Ready
Last Transition Time: 2021-08-11T19:50:46Z
Message: Issuing certificate as Secret does not exist
Observed Generation: 1
Reason: DoesNotExist
Status: True
Type: Issuing
Next Private Key Secret Name: tls-secret-staging-xsdnd
Events:
Type Reason Age From Message

Normal Requested 39m cert-manager Created new CertificateRequest resource "tls-secret-staging-f45qd"

And then when checking the CertificateRequest using "kubectl describe certificaterequest tls-secret-staging-f45qd -n gateway" I get

Status:
Conditions:
Last Transition Time: 2021-08-12T07:03:31Z
Message: Certificate request has been approved by cert-manager.io
Reason: cert-manager.io
Status: True
Type: Approved
Last Transition Time: 2021-08-12T07:03:31Z
Message: Referenced "ClusterIssuer" not found: clusterissuer.cert-manager.io "letsencrypt-staging" not found
Reason: Pending
Status: False
Type: Ready
Events:
Type Reason Age From Message

Normal cert-manager.io 46m cert-manager Certificate request has been approved by cert-manager.io
Normal IssuerNotFound 46m (x5 over 46m) cert-manager Referenced "ClusterIssuer" not found: clusterissuer.cert-manager.io "letsencrypt-staging" not found

webprofusion · August 12, 2021, 8:21am

Hi, see this github issue for cert-manager: ClusterIssuer not found · Issue #2487 · jetstack/cert-manager · GitHub

bevanjf · August 12, 2021, 8:24am

Thanks, already reading through that one but I think we've tried most things on there with no luck.

webprofusion · August 12, 2021, 8:26am

What does your ACME config look like vs ACME | cert-manager ?

You can use opening and closing triple backtick ` to format code

webprofusion · August 12, 2021, 8:34am

And what is the output of kubectl describe clusterissuer letsencrypt-staging?

I presume you already know that lets encrypt staging is for test (fake) certificates.

bevanjf · August 12, 2021, 8:38am

Yes we know. I think we have it working now - the guy who originally set it up came back for an hour and had missed telling us one manual step he used. I'll post our solution as soon as I hear about it

bevanjf · August 12, 2021, 9:30am

We hadn't included the cluster-issuer.yaml and installed it using kubectl

system · September 11, 2021, 9:31am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Unable to create clusterissuer with cert-manager Help	1	1895	May 28, 2022
Certificate.yaml not creating a cert in the tls secret Help	10	1864	March 16, 2023
Can't get staging certificates with cert-manager on openshift Help	2	829	July 10, 2022
Issues with getting a certificate in kubernetes Help	5	5401	November 9, 2022
Azure AKS: Certificate created but status is blank Help	5	427	July 7, 2023

ClusterIssuer not found

Related topics