piyush-tiwari
commented
2 weeks ago Solved by #76
Instead of adding a new Annotation, we will take an empty/omitted ca.crt field in the secretData as an implication that tls.crt has the entire cert chain.
Cert-manager ACME users generates certificates dynamically, but ca.crt is not generated in this process as described in https://github.com/cert-manager/cert-manager/issues/1571, so as this controller demands ca.crt data in ingresses secrets and because of the cert-manager's issue date, maybe we should look forward into bypassing this issue by simply parsing the tls.crt and extract CA from this instead of looking for the secret's ca.crt.