Spec:
Dns Names:
hello-world.info
Issuer Ref:
Kind: ClusterIssuer
Name: my-prod-ca
Secret Name: my-prod-ca
Status:
Conditions:
Last Transition Time: 2022-05-31T07:34:26Z
Message: Existing issued Secret is not up to date for spec: [spec.dnsNames]
Observed Generation: 1
Reason: SecretMismatch
Status: False
Type: Ready
Last Transition Time: 2022-05-31T07:34:27Z
Message: Issuing certificate as Secret was previously issued by Issuer.cert-manager.io/
Observed Generation: 1
Reason: IncorrectIssuer
Status: True
Type: Issuing
Next Private Key Secret Name: my-prod-ca-5vprj
Not After: 2027-05-24T18:22:32Z
Not Before: 2022-05-25T18:22:32Z
Renewal Time: 2025-09-23T10:22:32Z
Events:
Type Reason Age From Message
Normal Issuing 32s cert-manager-certificates-trigger Issuing certificate as Secret was previously issued by Issuer.cert-manager.io/
Normal Reused 32s cert-manager-certificates-key-manager Reusing private key stored in existing Secret resource "my-prod-ca"
Normal Requested 32s cert-manager-certificates-request-manager Created new CertificateRequest resource "my-prod-ca-9tx6x"
Status:
Conditions:
Last Transition Time: 2022-05-31T07:34:27Z
Message: Certificate request has been approved by cert-manager.io
Reason: cert-manager.io
Status: True
Type: Approved
Last Transition Time: 2022-05-31T07:34:27Z
Message: Waiting on certificate issuance from order cert-manager/my-prod-ca-9tx6x-216457662: "pending"
Reason: Pending
Status: False
Type: Ready
Events:
Type Reason Age From Message
Normal cert-manager.io 5m50s cert-manager-certificaterequests-approver Certificate request has been approved by cert-manager.io
Normal OrderCreated 5m50s cert-manager-certificaterequests-issuer-acme Created Order resource cert-manager/kvib-prod-ca-9tx6x-216457662
Normal OrderPending 5m50s cert-manager-certificaterequests-issuer-acme Waiting on certificate issuance from order cert-manager/my-prod-ca-9tx6x-216457662: ""
kubectl get challenges -n cert-manager -o wide
NAME STATE DOMAIN REASON AGE
my-prod-ca-ggk7j-216457662-1544531956 pending hello-world.info Waiting for HTTP-01 challenge propagation: did not get expected response when querying endpoint, expected "yhwVXOSNllPT9doj0mQLcj-CbfUZA84tSBAmduZQhaU.kX63bjdEt7luokUfr6xQeQYmqAiAYRlzy67kTiOkUIY" but got: <!doctype html><html lan... (truncated) 21m
If you do your server is not properly responding to acme challenge requests. Instead, it is sending out some sort of ad block page from a parking site.
We usually don't close threads unless there is an issue with it (spam/flamewars/trolling). We'd rather mark a specific post as "Solution", which should also be possible for the person starting the thread.