cert-manager: ErrVerifyACMEAccount Post : unsupported protocol scheme "" in v0.3.0-alpha.1
Is this a BUG REPORT or FEATURE REQUEST?:
/kind bug
What happened: I was trying out v0.3.0-alpha.1. The pod starts fine. I created cluster issuer as follows
apiVersion: certmanager.k8s.io/v1alpha1
kind: ClusterIssuer
metadata:
name: letsencrypt-staging
spec:
acme:
# The ACME staging api URL
server: "https://acme-staging.api.letsencrypt.org/directory"
# Email address used for ACME registration
email: "user@email.com"
# Name of a secret used to store the ACME account private key
privateKeySecretRef:
name: letsencrypt-staging-cluster-key-pair
# Enable the HTTP-01 challenge provider
http01: {}
Just after creating, the cert-manager pod started to print these logs continuously
I0418 16:39:53.132938 1 controller.go:138] clusterissuers controller: syncing item 'letsencrypt-staging'
I0418 16:39:53.133006 1 acme.go:159] getting private key (letsencrypt-staging-cluster-key-pair->tls.key) for acme issuer kube-system/letsencrypt-staging
I0418 16:39:53.133673 1 logger.go:67] Calling GetAccount
I0418 16:39:53.556914 1 sync.go:40] Error initializing issuer: Post : unsupported protocol scheme ""
E0418 16:39:53.562217 1 controller.go:147] clusterissuers controller: Re-queuing item "letsencrypt-staging" due to error processing: Post : unsupported protocol scheme ""
On running kubectl get clusterissuer -o yaml, this is the output
Spec:
Acme:
Email: user@email.com
Http 01:
Private Key Secret Ref:
Key:
Name: letsencrypt-staging-cluster-key-pair
Server: https://acme-staging.api.letsencrypt.org/directory
Status:
Acme:
Uri:
Conditions:
Last Transition Time: 2018-04-18T16:39:47Z
Message: Failed to verify ACME account: Post : unsupported protocol scheme ""
Reason: ErrRegisterACMEAccount
Status: False
Type: Ready
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Warning ErrInitIssuer 12m (x12 over 14m) cert-manager Error initializing issuer: Post : unsupported protocol scheme ""
Warning ErrVerifyACMEAccount 3m (x15 over 14m) cert-manager Failed to verify ACME account: Post : unsupported protocol scheme ""
What you expected to happen: The cluster issuer should have got accepted and the cert-manager to not keep queuing.
How to reproduce it (as minimally and precisely as possible):
Install v0.3.0-alpha.1. Create cluster issue as above.
Anything else we need to know?:
Environment:
- Kubernetes version (use
kubectl version): v1.10.1 - Cloud provider or hardware configuration**:
- Install tools: helm v2.8.2
- Others:
About this issue
- Original URL
- State: closed
- Created 6 years ago
- Reactions: 2
- Comments: 17 (6 by maintainers)
There currently isn’t documentation for it.
An example:
We need to get this example, with maybe a little bit of extra text to explain, into the reference docs for ACME certificates before cutting 0.3 itself.
I get the same issue. I am using the latest helm chart available for cert-manager (v 0.3.0) Can you please help?
Events: Type Reason Age From Message
Warning ErrVerifyACMEAccount 25s (x9 over 8m) cert-manager-controller Failed to verify ACME account: Head : unsupported protocol scheme “” Warning ErrInitIssuer 25s (x9 over 8m) cert-manager-controller Error initializing issuer: Head : unsupported protocol scheme “”
We now have an actual upgrading guide which includes this step here: https://cert-manager.readthedocs.io/en/master/admin/upgrading/index.html
On Thu, 6 Sep 2018 at 19:17, necevil notifications@github.com wrote:
I had the same issue and I believe it is related to helm.
Today I tried cert-manager. Version 0.3.0 was published a week ago.
I noticed helm installed an older version - probably because it had a package cache from some time ago:
I
helm delete --purgeandhelm updateand then re-installed with same commandhelm install cert-manager stable/cert-managerRunning
helm updatesolved my problems.I have opened #545 which should fix this and provide a helpful message to users for how they can fix their Issuers 😄