Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
It produced this output:3 pods in running condition and I have added a clusterissuer yaml (letsencrypt-production)
The secret added in tls section testui-globalu-com has only tls.key but not tls.crt
Certificate status is Issuing certificate as Secret does not exist
My web server is (include version):
The operating system my web server runs on is (include version):Linux
My hosting provider, if applicable, is:GoDaddy
I can login to a root shell on my machine (yes or no, or I don't know):
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):Am using Certbot not sure about the version
I believe that you are facing a certificate bootstrapping problem.
You need to either...
have the challenge files served over HTTP and thus not have requests for them redirected to be served over HTTPS (until you have a working certificate)
install a snakeoil/default certificate so that the challenge files can be served over HTTPS (which should be handled by k8s or your ingress controller)
Bear in mind that your tls.key is generated on your server along with your certificate signing request (CSR).
