Closed mbardelmeijer closed 4 months ago
It looks like cert-manager is trying to validate challenges. Perhaps from a previous time the certificate was allowed? In any case, it's specifically sending challenge connections.
Why not just ignore those logs? (And maybe configure cert-manager to stop as well)
I would also expect that, although the logs are for domains that have been disallowed for quite some time. I'm just now seeing the cert-manager
user agent, I think it might be domains that still have cert-manager configured from the client's end while pointing to our infrastructure. We'll implement a logger filter rule from our end 👍
Thanks for your continued work on certmagic!
Of course - thanks for using CertMagic!
What would you like to have changed?
We use certmagic's OnDemand method to allow and disallow specific domains. If a domain is disallowed, we sometimes still see logs about this domain like:
Why is this feature a useful, necessary, and/or important addition to this project?
This allows us to better filter out these error messages and keep our general logs clean.
What alternatives are there, or what are you doing in the meantime to work around the lack of this feature?
We can look into adding a filter on the
Logger
instance provided to theACMEIssuer
, but looking for info if there might be a better option.