Join 1M+ other developers and:
- Get help and share knowledge in Q&A
- Subscribe to topics of interest
- Get courses & tools that help you grow as a developer or small business owner
Issue with Waiting for HTTP-01 challenge propagation: failed to perform self check GET request from ACME challenges
I’ve been stuck on this issue for a while now, and even though this is a common issue, I can’t seem to figure it out why the fixes proposed here (https://www.digitalocean.com/community/questions/how-do-i-correct-a-connection-timed-out-error-during-http-01-challenge-propagation-with-cert-manager) do not work for me.
Here’s my manifests:
kind: Service apiVersion: v1 metadata: name: ingress-nginx annotations: # See https://github.com/digitalocean/digitalocean-cloud-controller-manager/blob/master/docs/controllers/services/examples/README.md#accessing-pods-over-a-managed-load-balancer-from-inside-the-cluster service.beta.kubernetes.io/do-loadbalancer-hostname: "kube.mydomain.com" namespace: ingress-nginx labels: app.kubernetes.io/name: ingress-nginx app.kubernetes.io/part-of: ingress-nginx spec: externalTrafficPolicy: Local type: LoadBalancer selector: app.kubernetes.io/name: ingress-nginx app.kubernetes.io/part-of: ingress-nginx ports: - name: http port: 80 targetPort: http - name: https port: 443 targetPort: https
apiVersion: cert-manager.io/v1 kind: ClusterIssuer metadata: name: letsencrypt-cluster-issuer spec: acme: server: https://acme-v02.api.letsencrypt.org/directory email: firstname.lastname@example.org privateKeySecretRef: name: letsencrypt-cluster-issuer-key solvers: - http01: ingress: class: nginx
apiVersion: cert-manager.io/v1 kind: Certificate metadata: name: echo-cert namespace: default spec: dnsNames: - my.domain.com secretName: echo-tls issuerRef: name: letsencrypt-cluster-issuer kind: ClusterIssuer
The url provided by the challenge is accessible via browser and wget, so I’m assuming the issue is with the network within the cluster. Does anyone know how do I fix this issue?
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.×