Closed tgruenert closed 1 year ago
After some deeper analysis: the entry _acme-challenge.example.com. will be placed correctly. But due to DNS caching or a delayed replication to the secondary DNS, the record _acme-challenge.example.com. will not be answered in time. Setting a larger TTL helps. So my solution is:
```yaml
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
  name: letsencrypt-prod-dns01-wolke8dns
spec:
  acme:
    server: https://acme-v02.api.letsencrypt.org/directory
    # ...
    solvers:
      - dns01:
          webhook:
            config:
              # TTL for DNS records (in seconds)
              # records need to be replicated to the secondaries, which takes a while
              ttl: 360
```
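Added example, not part of the original issue or of the webhook project: one way to confirm the cause described in the comment above is to ask each authoritative nameserver directly whether it already serves the challenge TXT record. The nameserver names, the token values and the helper names are constructed placeholders, and the live query path assumes `dig` is installed.

```python
import subprocess

def dig_txt(nameserver, name):
    """Ask one nameserver directly (no recursion) for the TXT values of name."""
    out = subprocess.run(
        ["dig", "+short", "+norecurse", "TXT", name, f"@{nameserver}"],
        capture_output=True, text=True, timeout=10, check=False,
    ).stdout
    # dig prints each TXT value in double quotes, one per line
    return {line.strip().strip('"') for line in out.splitlines() if line.strip()}

def propagation_report(name, expected, nameservers, query=dig_txt):
    """Return {nameserver: 'ok' | 'stale' | 'missing'} for the challenge record."""
    report = {}
    for ns in nameservers:
        values = query(ns, name)
        if expected in values:
            report[ns] = "ok"
        elif values:
            report[ns] = "stale"    # answers, but only with an older token
        else:
            report[ns] = "missing"  # record not replicated to this server yet
    return report

def fully_propagated(report):
    """True only when every authoritative server returns the expected token."""
    return bool(report) and all(status == "ok" for status in report.values())

# Constructed sample: primary updated, one secondary lagging, one empty.
SAMPLE_ANSWERS = {
    "ns1.example.net": {"token-new"},
    "ns2.example.net": {"token-old"},
    "ns3.example.net": set(),
}

def sample_query(nameserver, name):
    """Offline stand-in for dig_txt that reads the constructed answers."""
    return SAMPLE_ANSWERS[nameserver]

if __name__ == "__main__":
    report = propagation_report("_acme-challenge.example.com.", "token-new",
                                sorted(SAMPLE_ANSWERS), query=sample_query)
    for ns, status in report.items():
        print(f"{ns}: {status}")
    print("fully propagated:", fully_propagated(report))
```

Against live servers, call `propagation_report` without the `query` argument and pass the zone's NS hostnames and the token that cert-manager placed in the record.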
pdns is on an external host. Setup with API key seems to be working (all domain names replaced by placeholders)
gives me domain content (attachment) pdns_domain.txt
cert-manager generate log:
What could I have done wrong? Thank you in advance.
Edit: add Certificate and ClusterIssuer