Action is required to prevent your Let's Encrypt certificate renewals from
breaking.
You have been using the jetstack-cert-manager/v0.2 client to access the Let's
Encrypt API in the past 60 days, from the IP address a.b.c.d .
This version of jetstack-cert-manager is very aggressive about retrying its
requests, and has been sending our API many requests per second that it will
never complete successfully. We plan to block all API requests from this
version shortly.
We've worked with Jetstack to release an update. Please update to the latest
version of cert-manager, which will reduce the amount of traffic you are
sending to Let's Encrypt. Without an update, your certificate renewals will
break and existing certificates will start to expire.
If you need help, please search our forum to see if your question has been
answered, then open a new thread if it has not: https://community.letsencrypt.org/
Thanks @ezekiel - if possible, more notice would’ve been nice. We got lucky and just made this week’s change control meeting, but could’ve easily missed it with such short notice.
Thanks for the feedback, @rvandegrift! We generally try to provide more advance notice. In this case we had to act fast because all the extant v0.2 clients hit their bug at once, causing a massive increase in traffic for us.
Also, I’d encourage you to keep your cert-manager up-to-date per our Integration Guide.
Thanks for the quick fix, and apologies for the short notice!
We had this email as well and began making the update. Just to add to the feedback already given, it would have been really good to get a better idea of the issue in the email, or even a link to a forum post / bug ticket with more details. We were quite in the dark about when the update was taking place, we of course would want to fix it anyway but it’s tough to know if this is a “lets work late to fix this immedietely” or if this is a “we have 2-3 days to get this working right”.
I ended up posting on the jetstack/cert-manager github repo but couldn’t get any more information. I’ve now linked to this article on that issue but it would have been great to include some more information in the original email.
Our of curiosity, what caused this issue to suddenly arise? We’ve been running cert-manager 0.2 since it was the latest version with no issues. We’ll endevour to keep up to date in the future after this.