Schedule for blocking older cert-manager versions

Related to this topic about blocking old cert-manager versions, where is the best place to confirm timing for specific versions of cert-manager being blocked by the API? For example, when will cert-manager 0.8 be blocked by the production API? It appears 0.8 is currently blocked by staging, and will be blocked by production in November 2020?

Thank you all!

1 Like

Things are still the same as when I wrote that post. I don’t think we have 0.8.0 blocked in staging but I can check.

In general though, my advice is still to make sure you are updating cert-manager as soon as you can after each release. There are lots of bugs fixed in each release and as far as I can tell old versions are not supported by the maintainers. It’s not yet the sort of software you can leave on an old version for a long period of time (if indeed any such software exists in this day and age :smile:).

2 Likes

Thank you for looking into whether cert-manager 0.8 is being blocked in staging. The error I receive when attempting to issue a cert against the staging API is: Reason: Failed to create order: acme: urn:ietf:params:acme:error:malformed: Method not allowed. I can issue this same cert successfully against the production API.

I agree that best practice is to keep cert-manager updated - we would like to confirm how much time we have to migrate away from v0.8, as we coordinate prerequisites for cert-manager to be upgraded.

Thanks again for your help,

  • Ivan

Ah, this is a different issue. There was a change late in the ACME standardization process to require POSTs for all ACME requests (previously GETs had been allowed for some requests). We’ve started enforcing that in staging since last year.

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.