Comments (6)
yuvagit
commented on May 16, 2024
I got the above error then i deleted the cert "frontend-tls-secret" and recreated again and configured the cert with out an issue. I configured cert for the back end service "captureorder-tls-secret" and got the following error "http-01 self check failed for domain "captureorder...."
Name: captureorder-tls-secret
Namespace: default
Labels:
Annotations:
API Version: certmanager.k8s.io/v1alpha1
Kind: Certificate
Metadata:
Creation Timestamp: 2019-10-17T16:26:55Z
Generation: 106
Owner References:
API Version: extensions/v1beta1
Block Owner Deletion: true
Controller: true
Kind: Ingress
Name: captureorder
UID: 89a33321-fa39-46e5-8875-97e604aefc1e
Resource Version: 111930
Self Link: /apis/certmanager.k8s.io/v1alpha1/namespaces/default/certificates/captureorder-tls-secret
UID: 6d61b41e-b41f-46d8-b7f4-92b0fdda916c
Spec:
Acme:
Config:
Domains:
captureorder.40.119.5.244.nip.io
http01:
Ingress:
Dns Names:
captureorder.40.119.5.244.nip.io
Issuer Ref:
Kind: ClusterIssuer
Name: letsencrypt
Secret Name: captureorder-tls-secret
Status:
Acme:
Order:
Challenges:
Authz URL: https://acme-v02.api.letsencrypt.org/acme/authz-v3/820602804
Domain: captureorder.40.119.5.244.nip.io
http01:
Ingress:
Key: GoSk5MI7sj2ptVtNW6TJgUtlVq_pO3xzkgndl4kixL8.sXSfY3PJyw1vnuPMvmnewk3MO_ESAHfO4cWnQN771Kw
Token: GoSk5MI7sj2ptVtNW6TJgUtlVq_pO3xzkgndl4kixL8
Type: http-01
URL: https://acme-v02.api.letsencrypt.org/acme/chall-v3/820602804/3o3p5Q
Wildcard: false
URL: https://acme-v02.api.letsencrypt.org/acme/order/69597009/1305789186
Conditions:
Last Transition Time: 2019-10-17T18:12:42Z
Message: http-01 self check failed for domain "captureorder.40.119.5.244.nip.io"
Reason: ValidateError
Status: False
Type: Ready
Events:
Here is the metadata for captureorder-ingress-tls.yaml
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: captureorder
annotations:
certmanager.k8s.io/cluster-issuer: letsencrypt
spec:
tls:
- hosts:
- captureorder.40.119.5.244.nip.io
secretName: captureorder-tls-secret
rules:
- captureorder.40.119.5.244.nip.io
- host: captureorder.40.119.5.244.nip.io
http:
paths:- backend:
serviceName: captureorder
servicePort: 80
path: /
- backend:
from aksworkshop.
sabbour
commented on May 16, 2024
Unfortunately, we run into this every once in a while. Let's Encrypt issues a limited number of certificates for each domain and once this runs out, we have to wait again.
The workaround would be to use your own domain.
from aksworkshop.
shapeofarchitect
commented on May 16, 2024
How much time you had to wait - I guess they issue a new 50 certificate next week if following week was the one that had expired certs? Can you confirm ?
from aksworkshop.
sabbour
commented on May 16, 2024
Try to work around this by using a dashed IP in the domain, for example, 12-34-222-77.nio.io
from aksworkshop.
shapeofarchitect
commented on May 16, 2024
How does it matter to use - dash in the subdomains. For example I have abc.xyz as parent domain and I have subdomains foo.abc.xyz and bar.abc.xyz so in any case if I am not allowed to get any more certs for abc.xyz then there is no other way just to wait for next limits correct ?
from aksworkshop.
sabbour
commented on May 16, 2024
Let'sEncrypt treats the dashed notation as a subdomain of nip.io, try it and see if it works for you, and I've been told before that the dashed notation has different limits.
If you're still rate limited, try an alternative service from here https://moss.sh/free-wildcard-dns-services/
Get Outlook for Android<https://aka.ms/ghei36>
…________________________________
From: Vineet Gupta <[email protected]>
Sent: Thursday, March 19, 2020 10:10:44 AM
To: microsoft/aksworkshop <[email protected]>
Cc: Ahmed Sabbour <[email protected]>; State change <[email protected]>
Subject: Re: [microsoft/aksworkshop] too many certificates already issued for: nip.io: see https://letsencrypt.org/docs/rate-limits/ (#29)
How does it matter to use - dash in the subdomains. For example I have abc.xyz as parent domain and I have subdomains foo.abc.xyz and bar.abc.xyz so in any case if I am not allowed to get any more certs for abc.xyz then there is no other way just to wait for next limits correct ?
—
You are receiving this because you modified the open/close state.
Reply to this email directly, view it on GitHub<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fmicrosoft%2Faksworkshop%2Fissues%2F29%23issuecomment-601304311&data=02%7C01%7Casabbour%40microsoft.com%7Cb7fd4000da00406d309d08d7cc287634%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637202346465283882&sdata=0NLPHHrk%2BAV8zzYBQCPmBKHpZpydJuwm%2Bly1l3kZt6A%3D&reserved=0>, or unsubscribe<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fnotifications%2Funsubscribe-auth%2FAAAZLMFUIQVIX6SR2QBHGFDRIJGZJANCNFSM4JBTNM6A&data=02%7C01%7Casabbour%40microsoft.com%7Cb7fd4000da00406d309d08d7cc287634%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637202346465283882&sdata=uBF3iPwbv7DS8o9bwgEig7G8p5AoABZrXweitOcMEbQ%3D&reserved=0>.
from aksworkshop.
Related Issues (20)
- 2.2 Deploy MongoDB fails with doing helm init HOT 2
- Certmanager version is too old HOT 3
- Loadbalancer needs to be explicitly defined as "basic" HOT 1
- site doesn't build locally HOT 1
- Azure Key Vault Steps Missing Secret Value for MongoUser
- Wrong tab name in Monitoring lab description
- Max retries exceeded aks_virtual_node-0.2.0-py2.py3-none-any.whl HOT 1
- AKS Deployments fails on an Azure Pass without registering the network provider HOT 1
- No way to enable cross-scripting in browser
- Azure Cloud Shell has Helm 3 - The lab doesn't support it yet HOT 5
- 1.4 Tasks - Advanced cluster tasks - change Terraform to Azure Key Vault
- Add Blue/Green deployment
- Logs for autoscaler
- CosmosDB with MongoDB API
- replace basic LB with SLB
- helm install: unknown flag --name HOT 1
- AKS
- istio logs a are not showing in Azure monitor.
- Installing nginx-ingress helm chart fails
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from aksworkshop.