search

ixoncloud / cert-manager-webhook-cloudns

A Cert-Manager DNS01 provider for the ClouDNS DNS provider.
Apache License 2.0
5 stars 11 forks source link

this webhook doesnt working #10

Open bittu664 opened 1 year ago

bittu664 commented 1 year ago

hello ixoncloud team, i tried your method following all the steps , but after that when i am creating the ingress file the certs are not getting true .

Screenshot 2023-04-20 at 12 50 40 AM

and when i check kubectl get challenges its shows me that your domain cloudns.acme.ixon.cloud unable to handle request see this screenshot

Screenshot 2023-04-20 at 12 48 22 AM
bittu664 commented 1 year ago

after adding my own group domain :- groupName: mydomain.cloud this shows me this error 

Error presenting challenge: cloudns.acme.mydomain.cloud is forbidden: User "system:serviceaccount:cert-manager:cert-manager" cannot create resource "cloudns" in API group "acme.mydomain.cloud" at the cluster scope

can you guide me what type of rules shoul i add .

And here is my Clusterissuer:-

apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
  name: letsencrypt-prod
spec:
  acme:
    # The ACME server URL
    server: https://acme-v02.api.letsencrypt.org/directory
    # Email address used for ACME registration
    email: cloud@gmail.com
    # Name of a secret used to store the ACME account private key
    privateKeySecretRef:
      name: letsencrypt-prod
    # Enable the DNS-01 challenge provider
    solvers:
    - dns01:
        webhook:
          groupName: acme.mydomain.cloud
          solverName: cloudns
bittu664 commented 1 year ago

after fix for this RBAC , now i am facing this problem, your webhook does not work at all , what should i do pls guide me here. Screenshot 2023-04-23 at 8 47 09 PM

raqbit commented 1 year ago

Hi there, sorry for the late reply.

I'd recommend taking a look at this fork, which has updated the RBAC template. Otherwise I don't really have an idea for why it would not be working. I see the issue seems similar to #9.