Timeout on WAN:443 when using cert-manager to get certificate

My domain is: bitwarden.whitefamilyserver.com

I ran this command: followed this guide https://docs.cert-manager.io/en/latest/tutorials/acme/quick-start/

It produced this output: (see superuser post)

My web server is (include version): nginx-ingress, running on kubernetes.


I can access the endpoint on both 80 and 443 (with self signed cert), tested from multiple points outside and my network. But when I try to use cert-manager to create a cert, or rather, when it tries to initialize the ClusterIssuer, I get the error:

>Calling GetAccount

>cert-manager/controller/clusterissuers "msg"="failed to verify ACME account" "error"="Get https://acme-staging-v02.api.letsencrypt.org/directory: dial tcp MY-WAN-IP:443: i/o timeout" "related_resource_kind"="Secret" "related_resource_name"="letsencrypt-staging" "related_resource_namespace"="cert-manager" "resource_kind"="ClusterIssuer" "resource_name"="letsencrypt-staging" "resource_namespace"="" 

>cert-manager/controller/clusterissuers "msg"="error setting up issuer" "error"="Get https://acme-staging-v02.api.letsencrypt.org/directory: dial tcp MY-WAN-IP:443: i/o timeout" "resource_kind"="ClusterIssuer" "resource_name"="letsencrypt-staging" "resource_namespace"="" 

>cert-manager/controller/clusterissuers "msg"="re-queuing item  due to error processing" "error"="Get https://acme-staging-v02.api.letsencrypt.org/directory: dial tcp MY-WAN-IP:443: i/o timeout" "key"="letsencrypt-staging" 

When I run curl -kivL -H 'Host: bitwarden.whitefamilyserver.com' 'http://MY-WAN-IP', it connects just fine. So why am I getting a timeout error?

Hi @cclloyd

I’m not so firm with cert-manager error messages.

Isn’t this an error that your machine can’t connect Letsencrypt?

Works

curl https://acme-staging-v02.api.letsencrypt.org/directory
1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.