K8S: Unable to create a wildcard SSL certificate using an Issuer with the acmedns provider

Time: 2018-11-30 13:53:45

Tags: ssl kubernetes cert-manager

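I am trying to create a wildcard SSL certificate using k8s cert-manager and an Issuer with the acmedns ACME provider. I have created the credentials by sending a POST request to the /register URL and tested acmedns successfully. However, I am unable to create a new wildcard SSL certificate using the k8s Issuer. I am adding my Issuer YAML file below: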

apiVersion: certmanager.k8s.io/v1alpha1
kind: Issuer
metadata:
  annotations:
  name: letsencrypt-wildcard-prod
  namespace: default
spec:
  acme:
    dns01:
      providers:
        acmedns:
          accountSecretRef:
            key: acmedns.json
            name: acme-dns
          host: http://auth.mydomain.com
    email: info@mydomain.com
    privateKeySecretRef:
      name: letsencrypt-prod
    server: https://acme-v02.api.letsencrypt.org/directory

I created the secret acme-dns using the JSON output obtained from /register. Also, adding the k8s Certificate YAML here:

apiVersion: certmanager.k8s.io/v1alpha1
kind: Certificate
metadata:
  name: wildcard-mydomain.com
  namespace: default
spec:
  acme:
    config:
    - dns01:
        provider: acmedns
      domains:
      - '*.mydomain.com'
  commonName: '*.mydomain.com'
  dnsNames:
  - '*.mydomain.com'
  issuerRef:
    kind: Issuer
    name: letsencrypt-wildcard-prod
  secretName: wildcard-mydomain.com-tls

I am getting the following error from cert-manager:

E1129 16:30:31.881025 1 reflector.go:205] github.com/jetstack/cert-manager/pkg/client/informers/externalversions/factory.go:71: Failed to list *v1alpha1.Issuer: v1alpha1.IssuerList: Items: []v1alpha1.Issuer: v1alpha1.Issuer: Spec: v1alpha1.IssuerSpec: IssuerConfig: ACME: v1alpha1.ACMEIssuer: DNS01: v1alpha1.ACMEIssuerDNS01Config: Providers: []v1alpha1.ACMEIssuerDNS01Provider: ReadArrayCB: expect [ or n, but found {, error found in #10 byte of ...|oviders":{"acmedns":|..., bigger context ...|81551da95"},"spec":{"acme":{"dns01":{"providers":{"acmedns":{"accountSecretRef":{"key":"acmedns.json|...

E1129 16:30:32.887374 1 reflector.go:205] github.com/jetstack/cert-manager/pkg/client/informers/externalversions/factory.go:71: Failed to list *v1alpha1.Issuer: v1alpha1.IssuerList: Items: []v1alpha1.Issuer: v1alpha1.Issuer: Spec: v1alpha1.IssuerSpec: IssuerConfig: ACME: v1alpha1.ACMEIssuer: DNS01: v1alpha1.ACMEIssuerDNS01Config: Providers: []v1alpha1.ACMEIssuerDNS01Provider: ReadArrayCB: expect [ or n, but found {, error found in #10 byte of ...|oviders":{"acmedns":|..., bigger context ...|81551da95"},"spec":{"acme":{"dns01":{"providers":{"acmedns":{"accountSecretRef":{"key":"acmedns.json|...

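1 Answer:

Answer 0: (score: 0)

After checking the error message (ReadArrayCB: expect [ or n, but found {, error found in #10 byte of ...|oviders":{"acmedns":|...), it seems there is a problem with the yaml at line 10. Please verify the following snippet: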

provider: acmedns
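
Added example, not part of the original question or answer: the decoder error reports that `Providers` is typed `[]v1alpha1.ACMEIssuerDNS01Provider` (a list) while the stored Issuer has a map (`{`) under `providers`. Below is the question's Issuer with `providers` written as a list whose entry carries a `name`, the form the cert-manager v1alpha1 ACME DNS01 configuration uses; all values are copied from the question.

```yaml
apiVersion: certmanager.k8s.io/v1alpha1
kind: Issuer
metadata:
  name: letsencrypt-wildcard-prod
  namespace: default
spec:
  acme:
    server: https://acme-v02.api.letsencrypt.org/directory
    email: info@mydomain.com
    privateKeySecretRef:
      name: letsencrypt-prod
    dns01:
      # providers is a list; each entry is one named DNS01 provider.
      providers:
      # This name is what the Certificate's "provider: acmedns" refers to.
      - name: acmedns
        acmedns:
          # Value as given in the question. The acme-dns credentials from the
          # Secret below are sent to this host, so an https:// endpoint is
          # preferable where the acme-dns server offers one.
          host: http://auth.mydomain.com
          accountSecretRef:
            name: acme-dns
            key: acmedns.json
```

Because the rejected object is already stored and the controller fails while listing Issuers, the existing Issuer has to be replaced with the corrected one before the log error stops.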