79270575

Date: 2024-12-11 05:50:30
Score: 1
Natty:
Report link

I have been facing an issue while configuring Certificate-Manager with Autopilot GKE Cluster, the error I was getting is below:

Internal error occurred: failed calling webhook "webhook.cert-manager.io":failed to call webhook: Post "https://cert-manager-webhook.cert-manager.svc:443/validate?timeout=30s": tls: failed to verify certificate: x509: certificate signed by unknown authority

I was trying to follow the below document:

https://cert-manager.io/docs/tutorials/getting-started-with-cert-manager-on-google-kubernetes-engine-using-lets-encrypt-for-ingress-ssl/

The discussion on this thread, particularly the below link helped me to troubleshoot and identify the issue:

https://github.com/cert-manager/cert-manager/issues/3717

Basically, you need to install the Cert-Manager through Helm and override the global.leaderElection.namespace with the namespace you are deploying everything into usually it should be cert-manager, so you should execute below commands:

helm repo add jetstack https://charts.jetstack.io

helm repo update

helm install cert-manager jetstack/cert-manager --namespace cert-manager --create-namespace --version v1.6.0 --set global.leaderElection.namespace=cert-manager --set installCRDs=true --set prometheus.enabled=false

Thanks to @Brad J and Priya Gaikwad for putting useful information above.

Reasons:
  • Blacklisted phrase (0.5): Thanks
  • Long answer (-1):
  • Has code block (-0.5):
  • Contains question mark (0.5):
  • User mentioned (1): @Brad
  • Low reputation (0.5):
Posted by: kwick