Cert-manager: Istio ingress and Certmanager http01 support

Created on 10 Apr 2019  路  9Comments  路  Source: jetstack/cert-manager

Support for http-01 challenges when using Istio ingress

Currently I can't see that there is any mention of http-01 challenge support when using Istio as ingress gateways ?

Istio 1.1.x
Kubernetes 1.13.x
Certmanager 0.7.0

/kind feature

kinfeature
Source
picture ekarlso

Most helpful comment

It is possible: https://medium.com/@gregoire.waymel/istio-cert-manager-lets-encrypt-demystified-c1cbed011d67 Not working in my case though. Although I feel this has to do with mtls being enabled. While the acme-solver pods have the annotation inject-sidecar set to false.

picture spekr on 8 May 2019
👍2 👀1

All 9 comments

It is possible: https://medium.com/@gregoire.waymel/istio-cert-manager-lets-encrypt-demystified-c1cbed011d67 Not working in my case though. Although I feel this has to do with mtls being enabled. While the acme-solver pods have the annotation inject-sidecar set to false.

spekr picture spekr on 8 May 2019
👍2 👀1

Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.
If this issue is safe to close now please do so with /close.
Send feedback to jetstack.
/lifecycle stale

retest-bot picture retest-bot on 6 Aug 2019

/remove-lifecycle stale

cpick picture cpick on 6 Aug 2019

I think this issue should be about the case when mTLS is enabled, as @spekr mentioned. There is also another issue open for this (or something similar) with potential workarounds and more discussion here: https://github.com/jetstack/cert-manager/issues/1636

lentzi90 picture lentzi90 on 16 Aug 2019

Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.
If this issue is safe to close now please do so with /close.
Send feedback to jetstack.
/lifecycle stale

retest-bot picture retest-bot on 14 Nov 2019

/remove-lifecycle stale

cpick picture cpick on 14 Nov 2019

Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.
If this issue is safe to close now please do so with /close.
Send feedback to jetstack.
/lifecycle stale

retest-bot picture retest-bot on 12 Feb 2020

/remove-lifecycle stale

haf picture haf on 19 Feb 2020

We now have https://github.com/jetstack/cert-manager/issues/1636 and https://github.com/jetstack/cert-manager/issues/2526 to improve our documentation and support for Istio.

I'm going to close this in order to reduce the number of duplicate issues we have open!

munnerz picture munnerz on 24 Apr 2020
Was this page helpful?
0 / 5 - 0 ratings

Related issues

cpick picture cpick  路  3Comments
munjal-patel picture munjal-patel  路  3Comments
Stono picture Stono  路  3Comments
howardjohn picture howardjohn  路  3Comments
jbouzekri picture jbouzekri  路  4Comments