Cert-Manager: Propagation check failed, wrong service used by cm-acme-http-solver

Summary

Cert-manager challenge fails for some domains when using multiple subdomains.

Steps to reproduce

Delete all TLS secrets for your site, then uninstall and reinstall cert-manager.

What is the current bug behavior?

An ACME solver ingress gets created with an incorrect target service.

What is the expected correct behavior?

An ACME solver should be created with a correct target service.

Relevant logs and/or screenshots

2020-01-03 21:37:34.099 CET
cert-manager/controller/challenges "msg"="propagation check failed" "error"="wrong status code '503', expected '200'" "dnsName"="****.****.nl" "resource_kind"="Challenge" "resource_name"="production-auto-deploy-tls-2581994053-0" "resource_namespace"="****" "type"="http-01"
2020-01-03 21:37:34.099 CET
cert-manager/controller/challenges "level"=0 "msg"="finished processing work item" "key"="****/production-auto-deploy-tls-2581994053-0"
2020-01-03 21:37:44.134 CET
cert-manager/controller/challenges "msg"="propagation check failed" "error"="wrong status code '503', expected '200'" "dnsName"="****.****.nl" "resource_kind"="Challenge" "resource_name"="production-auto-deploy-tls-2581994053-0" "resource_namespace"="****" "type"="http-01"

Results of GitLab environment info

This bug happens on GitLab.com.

Possible fixes

This bug was solved in a new version of cert-manager, as discussed here:

https://github.com/jetstack/cert-manager/issues/2442
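
For triaging logs like the ones above, this added example (not part of the original issue or of cert-manager) groups `propagation check failed` entries by challenge and hostname, so a hostname whose HTTP-01 self-check keeps returning a non-200 status stands out. The log text is a constructed sample with placeholder names, and the function names are illustrative.

```python
import re

# Constructed sample in the same layout as the logs above: a timestamp line,
# then a line of "key"="value" pairs. All names are placeholders.
SAMPLE_LOG = '''\
2020-01-03 21:37:34.099 CET
cert-manager/controller/challenges "msg"="propagation check failed" "error"="wrong status code '503', expected '200'" "dnsName"="app.example.test" "resource_kind"="Challenge" "resource_name"="demo-tls-1111111111-0" "resource_namespace"="demo" "type"="http-01"
2020-01-03 21:37:34.099 CET
cert-manager/controller/challenges "level"=0 "msg"="finished processing work item" "key"="demo/demo-tls-1111111111-0"
2020-01-03 21:37:44.134 CET
cert-manager/controller/challenges "msg"="propagation check failed" "error"="wrong status code '503', expected '200'" "dnsName"="app.example.test" "resource_kind"="Challenge" "resource_name"="demo-tls-1111111111-0" "resource_namespace"="demo" "type"="http-01"
2020-01-03 21:37:45.000 CET
cert-manager/controller/challenges "msg"="propagation check failed" "error"="wrong status code '404', expected '200'" "dnsName"="api.example.test" "resource_kind"="Challenge" "resource_name"="demo-tls-1111111111-1" "resource_namespace"="demo" "type"="http-01"
'''

PAIR = re.compile(r'"(\w+)"=(?:"((?:[^"\\]|\\.)*)"|(\S+))')
STATUS = re.compile(r"wrong status code '(\d{3})'")
TIMESTAMP = re.compile(r"^\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}\.\d+ \S+$")

def parse_pairs(line):
    """Return the "key"="value" pairs of one log line as a dict."""
    return {m.group(1): m.group(2) if m.group(2) is not None else m.group(3)
            for m in PAIR.finditer(line)}

def summarize_failures(log_text):
    """Group 'propagation check failed' entries by (namespace, challenge, host)."""
    summary, last_ts = {}, None
    for line in log_text.splitlines():
        line = line.strip()
        if TIMESTAMP.match(line):
            last_ts = line  # the timestamp belongs to the entry on the next line
            continue
        fields = parse_pairs(line)
        if fields.get("msg") != "propagation check failed":
            continue
        key = (fields.get("resource_namespace"), fields.get("resource_name"),
               fields.get("dnsName"))
        entry = summary.setdefault(
            key, {"count": 0, "statuses": set(), "first": last_ts, "last": last_ts})
        entry["count"] += 1
        entry["last"] = last_ts
        status = STATUS.search(fields.get("error", ""))
        if status:
            entry["statuses"].add(status.group(1))  # code the self-check received
    return summary

if __name__ == "__main__":
    for (ns, name, host), e in summarize_failures(SAMPLE_LOG).items():
        print(f"{ns}/{name} {host}: {e['count']} failures, "
              f"status {sorted(e['statuses'])}, {e['first']} .. {e['last']}")
```

A hostname that accumulates repeated 503 responses over a long window is the one whose solver ingress and backend service are worth inspecting first.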