I have been trying to deploy a cluster with nextcloud following this guide from DO

How to Set Up an Nginx Ingress with Cert-Manager on DigitalOcean Kubernetes

I get to a point where I can get HTTP working with dns pointed to EXTERNAL-IP, but when I try to roll out production issuer it gets stuck in the following state

Name:         nextcloud-tls
Namespace:    default
Labels:       <none>
Annotations:  <none>
API Version:  cert-manager.io/v1alpha2
Kind:         Certificate
Metadata:
  Creation Timestamp:  2020-01-16T22:11:56Z
  Generation:          1
  Owner References:
    API Version:           extensions/v1beta1
    Block Owner Deletion:  true
    Controller:            true
    Kind:                  Ingress
    Name:                  nextcloud-ingress
    UID:                   27973c9d-564d-4b0f-824f-0fd11b2211bd
  Resource Version:        1868
  Self Link:               /apis/cert-manager.io/v1alpha2/namespaces/default/certificates/nextcloud-tls
  UID:                     7ce6ddd9-9b1d-4fde-b3bc-bf48ee4920ea
Spec:
  Dns Names:
    nextcloud.gabrielgio.me
  Issuer Ref:
    Group:      cert-manager.io
    Kind:       ClusterIssuer
    Name:       letsencrypt-prod
  Secret Name:  nextcloud-tls
Status:
  Conditions:
    Last Transition Time:  2020-01-16T22:11:56Z
    Message:               Waiting for CertificateRequest "nextcloud-tls-3534172428" to complete
    Reason:                InProgress
    Status:                False
    Type:                  Ready
Events:
  Type    Reason     Age    From          Message
  ----    ------     ----   ----          -------
  Normal  Requested  4m58s  cert-manager  Created new CertificateRequest resource "nextcloud-tls-3534172428"

And my service has a Kubernetes Ingress Controller Fake Certificate

I can’t pass through this step