-
Notifications
You must be signed in to change notification settings - Fork 13
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Issue with Lets Encrypt and Host CRD #53
Comments
I have the same issue with GCP. Even the first host fails some times |
Hi there, This is a known issue that will be solved in a future release. Currently when there are no Unfortunately this information was not more visible in our documentation. We've added information about this issue and workaround to all of the ACME documents now until it is resolved in a release. You can follow this document to quickly get started with your own wildcard host and self-signed certificate. Thanks for bringing this to our attention and please let us know if you have any other issues getting started with this. |
Thank you for your help @AliceProxy. However, I still can't use ACME cert management... apiVersion: getambassador.io/v3alpha1
kind: Listener
metadata:
name: edge-stack-listener-8443
namespace: ambassador
spec:
port: 8443
protocol: HTTPS
securityModel: XFP
hostBinding:
namespace:
from: ALL
---
apiVersion: getambassador.io/v3alpha1
kind: Host
metadata:
name: wildcard-host
spec:
hostname: "*"
acmeProvider:
authority: none
tlsSecret:
name: tls-cert
---
apiVersion: getambassador.io/v3alpha1
kind: Host
metadata:
name: grafana-host
spec:
hostname: "mylink.example" # Just replaced to post
acmeProvider:
email: "[email protected]" These are the events in kubectl describe grafana-host
And these are logs in the edge-stack pod:
|
I have AWS EKS behind AWS Load Balancer
Lets Encrypt doesn't work at all with AWS NLB, and by using AWS Classic Load Balancer, i am able to register ONLY one host, after that for every other host i am getting the error ACME 403 Unauthenticated
this same error i am getting also when i use AWS NLB
error:
The single validated host (test.mydomain.com), with AWS Classic Load Balancer, is reachable and doesn't have any other issue
Setup:
EKS 1.21 (newly created - Edge Stack is the first resource)
Edge-stack 2.0.5
The text was updated successfully, but these errors were encountered: