TLS on kubernetes is not getting auto renewed

My infra is in kuberenets AKS. The SSL for the domain are in letsencrypt . Among that 2 domains are not auto renewing recently.
The cert-manager pod logs showing some error as :

E0603 21:33:23.633298       1 sync.go:186] cert-manager/controller/challenges "msg"="propagation check failed" "error"="DNS record for \"www.exam.com\" not yet propagated" "dnsName"="www.exam.com" "resource_kind"="Challenge" "resource_name"="exam-tls-7d9z2-222738062-3704285523" "resource_namespace"="app" "resource_version"="v1" "type"="DNS-01" 
I0603 21:34:37.205647       1 acme.go:209] cert-manager/controller/certificaterequests-issuer-acme/sign "msg"="certificate issued" "related_resource_kind"="Order" "related_resource_name"="exam-tls-7d9z2-222738062" "related_resource_namespace"="app" "related_resource_version"="v1" "resource_kind"="CertificateRequest" "resource_name"="exam-tls-7d9z2" "resource_namespace"="app" "resource_version"="v1" 
I0603 21:34:37.205748       1 conditions.go:250] Found status change for CertificateRequest "exam-tls-7d9z2" condition "Ready": "False" -> "True"; setting lastTransitionTime to 2022-06-03 21:34:37.205742673 +0000 UTC m=+1055982.627847334
I0603 21:34:37.378280       1 controller.go:161] cert-manager/controller/certificates-issuing "msg"="re-queuing item due to optimistic locking on resource" "key"="app/exam-tls" "error"="Operation cannot be fulfilled on certificates.cert-manager.io \"exam-tls\": the object has been modified; please apply your changes to the latest version and try again"
E0603 21:34:37.445644       1 sync.go:503] cert-manager/controller/orders "msg"="failed to finalize Order resource due to bad request, marking Order as failed" "error"="403 urn:ietf:params:acme:error:orderNotReady: Order's status (\"valid\") is not acceptable for finalization" "resource_kind"="Order" "resource_name"="exam-tls-7d9z2-222738062" "resource_namespace"="app" "resource_version"="v1"

I0603 21:34:39.230374       1 controller.go:161] cert-manager/controller/challenges "msg"="re-queuing item due to optimistic locking on resource" "key"="app/exam-tls-7d9z2-222738062-3622010678" "error"="Operation cannot be fulfilled on challenges.acme.cert-manager.io \"exam-tls-7d9z2-222738062-3622010678\": the object has been modified; please apply your changes to the latest version and try again"
I0603 21:34:39.434234       1 controller.go:161] cert-manager/controller/challenges "msg"="re-queuing item due to optimistic locking on resource" "key"="app/exam-tls-7d9z2-222738062-3704285523" "error"="Operation cannot be fulfilled on challenges.acme.cert-manager.io \"exam-tls-7d9z2-222738062-3704285523\": the object has been modified; please apply your changes to the latest version and try again"
E0603 21:34:42.902027       1 controller.go:211] cert-manager/controller/challenges "msg"="challenge in work queue no longer exists" "error"="challenge.acme.cert-manager.io \"exam-tls-7d9z2-222738062-3622010678\" not found"

You might want to consider also posting your issue on a more Kubernetes oriented support channel. I'm not sure your (very brief) post here is going to receive the help you probably require due to (as far as I know) very little people here having knowledge of Kubernetes.

Would you mind suggesting any channels to get a better support on this?

I would if I could. As you might have figured out from my post, I have zero experience with Kubernetes and thus also have absolutely no idea where to get proper support for it. Seeing you're using AKS, perhaps on one of the Azure communities? Just guessing here.

Okay.I understand.Anyways thanks for the support.

It isn't said noone can help you on this Community though, I just suggested also setting out a path somewhere else

Then let me see, Is there anyone have a better knowledge on this

You could try the cert-manager Troubleshooting page

There is a cert-manager github that should have experts to help. I personally have no experience with your setup.

Thanks.Let me see

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.