cert-manager挑战停留在等待“等待http-01挑战传播:无法执行自检GET请求”

时间:2020-04-30 16:29:10

标签: kubernetes cert-manager

我遇到了一个失败的挑战:

Waiting for http-01 challenge propagation: failed to perform self check GET request,我该如何解决或至少进一步诊断呢?

删除挑战会导致创建具有相同错误的新挑战。令人惊讶的URL响应带有正确的http 200和令牌(http://testabcxyz.ddns.net/.well-known/acme-challenge/8_F7kwZBcjgXPV2pq8GlxHrIcO_WJoNBtyf1hEr4lhk

什么是发起自检的责任?

kubectl describe challenges --all-namespaces
Name:         testabcxyzingress-cert-1968456099-91847910-2604628612
Namespace:    local-testing
Labels:       <none>
Annotations:  <none>
API Version:  acme.cert-manager.io/v1alpha3
Kind:         Challenge
Metadata:
  Creation Timestamp:  2020-04-30T15:13:37Z
  Finalizers:
    finalizer.acme.cert-manager.io
  Generation:  1
  Owner References:
    API Version:           acme.cert-manager.io/v1alpha2
    Block Owner Deletion:  true
    Controller:            true
    Kind:                  Order
    Name:                  testabcxyzingress-cert-1968456099-91847910
    UID:                   93838384-6f45-42d9-a32f-3b051fad55c4
  Resource Version:        1089800
  Self Link:               /apis/acme.cert-manager.io/v1alpha3/namespaces/local-testing/challenges/testabcxyzingress-cert-1968456099-91847910-2604628612
  UID:                     ac318c10-85ce-4a20-b178-a307fd20a039
Spec:
  Authz URL:  https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/52738879
  Dns Name:   testabcxyz.ddns.net
  Issuer Ref:
    Group:  cert-manager.io
    Kind:   ClusterIssuer
    Name:   letsencrypt-staging
  Key:      zzzzzzzzzzzzzzzzzzzzzzzzzzzzz
  Solver:
    http01:
      Ingress:
        Class:  nginx
  Token:        zzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzz
  Type:         http-01
  URL:          https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/52738879/kysudg
  Wildcard:     false
Status:
  Presented:   true
  Processing:  true
  Reason:      Waiting for http-01 challenge propagation: failed to perform self check GET request 'http://testabcxyz.ddns.net/.well-known/acme-challenge/8_F7kwZBcjgXPV2pq8GlxHrIcO_WJoNBtyf1hEr4lhk': Get "http://testabcxyz.ddns.net/.well-known/acme-challenge/8_F7kwZBcjgXPV2pq8GlxHrIcO_WJoNBtyf1hEr4lhk": dial tcp 174.138.100.234:80: connect: connection timed out
  State:       pending
Events:        <none>
<Paste>

1 个答案:

答案 0 :(得分:1)

这最终解决了,我不记得自己做了什么。我认为在进行kubectl describe orders时还会出现其他错误消息。

相关问题
最新问题