From 2f38ef4f80618b298b07bd7a41ddcbbfa5032015 Mon Sep 17 00:00:00 2001 From: Jan-Philipp Litza Date: Tue, 26 Nov 2024 15:59:46 +0100 Subject: [PATCH] acme troubleshooting: how to fix errored challenges Signed-off-by: Jan-Philipp Litza --- content/docs/troubleshooting/acme.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/content/docs/troubleshooting/acme.md b/content/docs/troubleshooting/acme.md index 7763b9ed29a..de7cd9278d2 100644 --- a/content/docs/troubleshooting/acme.md +++ b/content/docs/troubleshooting/acme.md @@ -192,6 +192,8 @@ You can also see some additional information about the state of the [ACME author $ kubectl get challenge -ojsonpath='{.spec.authorizationURL}' ``` +In case your Challenge is in the State "errored", once you resolved the underlying issue, you can safely delete it. cert-manager will then request a new Challenge and retry. + ### HTTP01 troubleshooting First of all check if you can see the challenge URL from the public internet, if this does not work check your Ingress and firewall configuration as well as the service and pod cert-manager created to solve the ACME challenge. If this does work check if your cluster can see it too. It is important to test this from inside a Pod. If you get a connection error it is suggested to check the cluster's network configuration.