kube.netes 证书不能与让我们加密证书管理器一起使用

Question

I can't seem to get cert-manager working:我似乎无法让证书管理器工作：

$ kubectl get certificates -o wide
NAME         READY   SECRET       ISSUER        STATUS                                         AGE
tls-secret   False   tls-secret   letsencrypt   Issuing certificate as Secret does not exist   115m

$ kubectl get CertificateRequest -o wide
NAME               READY   ISSUER        STATUS                                                                                        AGE
tls-secret-xxxx   False   letsencrypt   Referenced "ClusterIssuer" not found: clusterissuer.cert-manager.io "letsencrypt" not found   113m

my certificate.yaml is:我的 certificate.yaml 是：

apiVersion: cert-manager.io/v1alpha2
kind: Certificate
metadata:
  name: tls-secret
  namespace: default
spec:
  secretName: tls-secret
  dnsNames:
  - aks-xxxx.xxxxx.xxxx.aksapp.io
  acme:
    config:
    - http01:
        ingress:
          name: xxxxxx
      domains:
      - aks-xxxx.xxxxx.xxxx.aksapp.io
  issuerRef:
    name: letsencrypt-staging
    kind: ClusterIssuer

When i get cluster issuers当我获得集群发行者时

  $ kubectl get clusterissuers
    No resources found

any idea whats wrong?知道怎么了吗？

Answer 1

You have not created the clusterissuers so it wont be there.您还没有创建clusterissuers ，所以它不会在那里。

As you have created the certificate you can try the创建证书后，您可以尝试

kubectl get certificate

Your error is clearly saying the issue you have to create the clusterissuers您的错误清楚地说明了您必须创建集群发行者的问题

Referenced "ClusterIssuer" not found: clusterissuer.cert-manager.io "letsencrypt" not found找不到引用的“ClusterIssuer”：找不到 clusterissuer.cert-manager.io“letsencrypt”

Cert-manager site: https://cert-manager.io/docs/证书管理器站点： https://cert-manager.io/docs/

Installation: https://cert-manager.io/docs/installation/安装： https://cert-manager.io/docs/installation/

in single line just apply:在单行中只需应用：

kubectl apply -f https://github.com/jetstack/cert-manager/releases/download/v1.5.3/cert-manager.yaml

how to configure & setup the clusterissuer : https://cert-manager.io/docs/configuration/acme/如何配置和设置集群发行者： https://cert-manager.io/docs/configuration/acme/

Example of cluster issuer & ingress cluster issuer者和ingress示例

apiVersion: cert-manager.io/v1alpha2
kind: ClusterIssuer
metadata:
  name: cluster-issuer-name
  namespace: development
spec:
  acme:
    server: https://acme-v02.api.letsencrypt.org/directory
    email: harsh@example.com
    privateKeySecretRef:
      name: secret-name
    solvers:
    - http01:
        ingress:
          class: nginx-class-name
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  annotations:
    kubernetes.io/ingress.class: nginx-class-name
    cert-manager.io/cluster-issuer: cluster-issuer-name
    nginx.ingress.kubernetes.io/rewrite-target: /
  name: example-ingress
spec:
  rules:
  - host: sub.example.com
    http:
      paths:
      - path: /api
        backend:
          serviceName: service-name
          servicePort: 80
  tls:
  - hosts:
    - sub.example.com
    secretName: secret-name

Answer 2

Try with the latest cert-manager.尝试使用最新的证书管理器。 You'll also need issuer.yaml if you haven't set it up already如果您还没有设置，您还需要 issuer.yaml

kube.netes 证书不能与让我们加密证书管理器一起使用

问题描述

2 个解决方案

解决方案1
1 2021-08-25 18:57:55

解决方案2
0 2021-08-25 11:50:38

kube.netes 证书不能与让我们加密证书管理器一起使用

问题描述

2 个解决方案

解决方案1 1 2021-08-25 18:57:55

解决方案2 0 2021-08-25 11:50:38

解决方案1
1 2021-08-25 18:57:55

解决方案2
0 2021-08-25 11:50:38