queue to be emptied once a day

Unprioritized issues older than 7 days (138)

Resolution: Add a priority/ or triage/ label

Average age: 108.1d, Avg wait: 54.5d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
4220 Reuse existing identical certificates 7d 7d 7d
kind/feature
recv
similar
4216 Error getting keypair for CA issuer: error parsing ecdsa private key: x509: failed to parse EC private key: asn1: structure error: length too large 10d 10d 10d
recv
4215 Include example manifests in this repo for reference 10d 10d 10d
recv
4214 Certificate orders get in an unknown state. 10d 10d 10d
kind/bug
recv
4212 Ingress-shim to remove certificates if owned ingress lacks autoCertificateAnnotations 11d 5d 5d
kind/feature
collaborator-last
commented
send
4211 support for importing multiple CA in jks certificates 12d 12d 12d
kind/feature
recv
similar
4210 Syncing secret across namespaces gives error "unable to fetch certificate that owns the secret" 12d 12d 12d
kind/bug
recv
4203 Add a make target for building static manifests with specific image 15d 15d
area/deploy
kind/feature
4196 Enhance CA issuer with HSM support
17d 6d 13d
area/ca
help wanted
kind/feature
author-last
commented
recv
4193 Implement automated krew-index updates
18d 7d 7d
kind/feature
commented
member-last
send
4191 Setting default values for Pod's "resources"?
2
 18d 18d 18d
commented
member-last
send
4189 Support setting a different password for the private key in a Java keystore 19d 10d
area/api
good first issue
help wanted
kind/feature
similar
4187 Upgrade to cert-manager v1.3.1 causes outage on EKS 19d 19d 19d
kind/bug
recv
4180 Add tests to #4138
3wk 3wk 3wk
kind/feature
assigned
assignee-updated
contributor-last
pr-merged
recv
4179 Universal cert-manager installing, uninstalling, debugging and upgrading 3wk 3wk 3wk
recv
4173 Enable domains for no_proxy 3wk 3wk 3wk
kind/feature
author-last
recv
recv-q
4170 Use Dependabot for automatic dependency upgrades 3wk 3wk 3wk
kind/feature
recv
4167 Support for full chain validation on issued certificates
3
3
 3wk 4d 4d
kind/bug
collaborator-last
commented
send
4166 cert-manager should allow to store certificate in vault 3wk 3wk 3wk
kind/feature
recv
similar
4162 The kubectl.kubernetes.io/last-applied-configuration annotation is copied to CertificateRequests
6
 3wk 3d 3d
kind/bug
assigned
assignee-updated
collaborator-last
commented
open-milestone
pr-changes-requested
send
4159 Unable to create venafi issuer with kubernetes 3wk 3wk 3wk
kind/bug
recv
similar
4153 Support DoT (DNS over TLS) for Recursive Nameservers 3wk 3wk 3wk
kind/feature
recv
4148 Kubernetes Ingress Controller Fake Certificate 4wk 3wk 4wk
author-last
recv
4146 Provide cert store format choice for PEM combined
4wk 4wk 4wk
kind/feature
recv
4139 Old Helm charts should be deprecated
4wk 4wk
kind/bug
pr-merged
4135 Exclude some parent labels from being replicated on child objects 4wk 4wk 4wk
kind/feature
author-last
recv
4132 Helm chart should have kubeVersion constraints 4wk 4wk
kind/feature
4120 v1.5 Public Roadmap 5wk 5h 3d
Epic
commented
member-last
pr-reviewed-with-comment
4114 Endless Sync Loop when installing Helm Chart via ArgoCD 5wk 5wk 5wk
kind/bug
author-last
pr-closed
pr-unreviewed
recv
similar
4102 Default leader election namespace to installation namespace 6wk 5wk 5wk
kind/feature
collaborator-last
commented
send
4097 Generating SSL + ingress-nginx issue 6wk 5d 6wk
kind/bug
recv
recv-q
4095 Update private Docker registry path 6wk 6wk 6wk
recv
4086 [CA Issuer] Metrics for getting issuer cert expiration 6wk 6wk 6wk
recv
4077 Incorrect installation information in the Helm chart 7wk 7wk
kind/bug
similar
4076 Incorrect Kubernetes compatibility information in the Helm chart 7wk 7wk
kind/bug
similar
4073 Internal error occurred: failed calling webhook 7wk 6wk 7wk
recv
similar
4071 Add a default value to RevisionHistoryLimit if none is provided in the Certificate
7wk 7wk 7wk
kind/feature
recv
similar
4053 Error setup role to manage Route53 dns01 2mo 17d 2mo
kind/bug
recv
recv-q
4047 Flaky test: //test/integration/certificates 2mo 2mo
kind/bug
kind/flake
similar
4045 Flaky test: //test/integration/validation 2mo 2mo 2mo
kind/bug
kind/flake
commented
member-last
similar
4041 Switch the api versions accepted by validating and mutating webhook to `v1` only 2mo 2mo
kind/cleanup
4033 Automated updates of base images
2mo 2mo 2mo
kind/feature
collaborator-last
commented
pr-merged
4032 Consider ArtifactHub vulnerability scanning 2mo 2mo
kind/feature
4023 Vault generated certificates
4
 2mo 4wk 2mo
kind/bug
pr-new-commits
recv
recv-q
similar
4003 Accepting challenge authorization failed 2mo 2mo 2mo
area/acme/http01
kind/bug
recv
3998 Allow setting caBundle in (Cluster)Issuers to request certificates from https ACME using internal PKI 2mo 2mo 2mo
kind/feature
pr-unreviewed
recv
3992 Add non-CRD yaml file 2mo 13d 13d
area/deploy
commented
member-last
send
3979 Certificates for multiple domains (Let's Encrypt) 2mo 2mo 2mo
author-last
recv
3977 cert-manager-webhook Firewalld Issues 2mo 2mo 2mo
kind/bug
author-last
recv
recv-q
3968 acme http01: 504 Gateway Time-out 2mo 2mo 2mo
area/acme/http01
kind/bug
recv
3967 Does the certificate chain include a root CA certificate by default? 2mo 2mo 2mo
area/venafi
kind/bug
recv
3961 Fix pkg/util/pki TestPrivateKeyEncodings test 2mo 2mo
area/testing
kind/cleanup
3959 Keep USERS.md up to date
2mo 2mo
3958 Sane defaults for Certificate revision history limit
2
 2mo 2mo 2mo
kind/feature
recv
similar
3957 Support JKS trust store for ACME certificates 2mo 14d 2mo
kind/feature
commented
recv-q
send
similar
3952 Add helm install to cert-manager cli 2mo 6wk 6wk
kind/feature
collaborator-last
commented
pr-unreviewed
send
3951 Replace DynamicClient for Istio VirtualService with properly generated client
2mo 2mo 2mo
kind/feature
collaborator-last
commented
pr-merged
send
3949 Option to store selfsigned cert/key pair into two secrets.
2
 2mo 2mo 2mo
kind/feature
recv
3948 Encryption Password for Keystore/Truststore from Vault 2mo 7wk 2mo
kind/feature
author-last
commented
recv
3947 Linting to check API annotations 2mo 2mo
kind/feature
3941 Certificate renewal get stuck if Vault becomes temporarily inaccessible during the the time of renewal.
2mo 2mo 2mo
kind/bug
recv
3930 Add migration tests against forked repositories 2mo 5wk 5wk
commented
member-last
send
3925 Please make all configuration entries under the dns providers etc. work with valueFrom 3mo 3mo 3mo
recv
3924 External Challenge Solver: Support for various Virtual Service implementations 3mo 5wk 5wk
kind/feature
commented
member-last
open-milestone
pr-merged
pr-unreviewed
send
3910 ACME Certificate in "False" state even when order and certificaterequest are completed 3mo 3mo 3mo
kind/bug
author-last
recv
3896 Cert Manager failing to renew certificate
15
 3mo 10d 3mo
kind/bug
recv
recv-q
similar
3890 support more secret type 3mo 3mo 3mo
collaborator-last
commented
send
3884 Certs Owner Reference on secret from issuer
3mo 2mo 2mo
kind/feature
collaborator-last
commented
send
3874 Getting "Error from server: conversion webhook for acme.cert-manager.io/v1alpha2, Kind=Challenge failed: Post https://cert-manager-webhook.cert-manager.svc:443/convert?timeout=30s: service "cert-manager-webhook" not found" 3mo 2mo 3mo
recv
recv-q
similar
3747 Certificate issuerRef should be optional 4mo 4mo 4mo
kind/feature
recv
3743 Excessive DNS caching for DNS verification
4mo 4mo 4mo
kind/bug
recv
3739 Helm chart fails to install CRDs when using ArgoCD 4mo 5wk 4mo
kind/bug
recv
similar
3723 Order stays in an unknown state indefinitely for a particular ingress 4mo 4mo 4mo
kind/bug
recv
3719 DNS-01 broken scenario (GCP Cloud DNS) 4mo 3mo 4mo
kind/bug
author-last
recv
3716 Health check failed as CertificateSource is unhealthy"
4mo 2wk 4mo
kind/bug
recv
recv-q
3715 kube-dns not used for DNS01 challenges 4mo 4mo 4mo
kind/bug
author-last
recv
3691 no_proxy settings not honored helm/kubernetes/vault 5mo 5mo 5mo
kind/bug
recv
3690 renewal stucks and output suspicious logs periodically
5mo 5mo 5mo
kind/bug
author-last
recv
3681 When using a keystore.jks in secret, how can I specify a name for the alias 5mo 5mo 5mo
kind/feature
recv
3677 Provide configuration for delayed certificate update after creation 5mo 5mo 5mo
kind/feature
recv
3676 Configuring LE wildcard cert on EKS w/ Route53 DNS 5mo 5mo 5mo
collaborator-last
commented
send
3673 Create cert-manager container registry 5mo 5mo
kind/cleanup
3671 Transfer repository to the cert-manager organisation 5mo 5mo 5mo
kind/cleanup
commented
member-last
3668 Secure Istio Gateway in Kubernetes using cert-manager. 5mo 5mo 5mo
kind/bug
author-last
recv
3660 order is showing as ready but stuck at the challenges. Not getting all the challenges. 5mo 5mo 5mo
recv
3659 custom DNS01 test fails when secondary nameserver is unresponsive 5mo 5mo 5mo
kind/bug
author-last
recv
3651 Document how to set Issuer and Subject for self-signed certificates
2
 5mo 5mo 5mo
kind/bug
recv
similar
3649 Challenge & secret sometimes not getting created for route53 issuer 5mo 5mo 5mo
kind/bug
recv
3637 BadRequest error when configuring external Vault with Kubernetes authentication
2
 5mo 2wk 5mo
kind/bug
recv
recv-q
3617 Manage etcd, apiserver, controller-manager, scheduler, proxy, kubelet certificates 5mo 5mo 5mo
kind/feature
recv
3609 oauth2: cannot fetch token: Post \https://oauth2.googleapis.com/token": x509: certificate signed by unknown authority" 5mo 5mo 5mo
recv
3608 Unable to renew certificate for some cert hosts with propagation check failed
6mo 5mo 6mo
kind/bug
recv
recv-q
3599 Create certificate issue (showing in progress only) 6mo 6mo 6mo
author-last
recv
recv-q
3592 Ability to not create ca.crt 6mo 5mo 6mo
commented
send
3565 requestmanager_controller got stuck in a loop and stopped generating new certificates afterward
6mo 3mo 6mo
kind/bug
recv
recv-q
3553 ExperimentalCertificateControllers feature gate not available in v1.1 6mo 6mo 6mo
kind/bug
recv
3484 Ingress annotations with external issuer end up in eternal loop - smallstep 7mo 5mo 7mo
kind/bug
author-last
commented
recv
recv-q
3481 cert-manager stops reconciling certificate expiries
2
4
 8mo 5mo 8mo
kind/bug
author-last
commented
recv
recv-q
3448 Self-signed certificate has ready-state: true 8mo 8mo 8mo
kind/bug
recv
3427 Add multiple trustedCertEntries to truststores.
8mo 8mo 8mo
kind/bug
collaborator-last
commented
send
3404 Add support for custom Certificate Extensions
4
 9mo 2wk 2wk
collaborator-last
commented
pr-unreviewed
send
similar
3284 Support for deploying one or more issuers from helm chart 10mo 5mo 10mo
kind/feature
commented
send
3194 Ability to specify utilizing Ambient Credentials for Vault Auth Block
11mo 11mo 11mo
kind/feature
recv
3148 AzureDNS: ability to specify MSI object id or similar for DNS01 cluster issuer
8
 11mo 6d 6d
kind/feature
commented
member-last
pr-merged
send
645 Investigate & add an FAQ/warning about images rolled back after GitOps upgrade 11d 11d 11d
recv
642 Move/ link to Webhook debugging docs 16d 16d 16d
recv
similar
604 Make it so that it is easier to find the doc for fixing webhook issues 6wk 6wk 6wk
recv
600 Remove Helm v2 from Ingress Nginx tutorial
6wk 6wk 6wk
recv
583 cert-manager with ZeroSSL 7wk 19d 7wk
contributor-last
recv
recv-q
579 [Upgrading] Invalid Helm Chart Repository Link 1mo 1mo 1mo
recv
571 Clean up old readthedocs sites
2mo 2mo 2mo
kind/cleanup
commented
member-last
568 Add a diagram for LetsEncrypt cert issuance flow to the docs
3
 2mo 2mo 2mo
recv
562 Discuss why we are still supporting Kubernetes 1.16 and 1.17 and add that to the "supported releases" page
2mo 2mo 2mo
commented
member-last
561 Certificate Resources 2mo 2mo 2mo
recv
similar
559 Update uninstall process doc 2mo 2mo 2mo
recv
554 HTTP Validation, privateKeySecretRef 2mo 6wk 2mo
contributor-last
recv
549 Effort towards a more user-friendly website 2mo 2mo
544 OpenShift 2mo 2mo 2mo
recv
similar
543 Add getting started documentation for users who want to quickly use cert-manager to issue LetsEncrypt certificates
3
 2mo 4wk 4wk
commented
contributor-last
recv-q
542 Document the Istio VirtualService HTTP01 configuration options 2mo 2mo
532 Rework of the landing page (cert-manager.io)
3
 3mo 4wk 4wk
good first issue
help wanted
commented
member-last
send
486 OpenShift - broken link
4mo 2mo 2mo
commented
member-last
send
similar
469 DNS01: Delegated Domains for DNS01 example yaml solvers list items 4mo 4mo 4mo
recv
466 installation/compatiblity 4mo 4mo 4mo
recv
457 cainjector docs are missing the option to inject certs in apiservice resources
4mo 4mo 4mo
recv
454 Cluster Resource Namespace 5mo 5mo 5mo
recv
similar
426 Create a sequence diagram that shows how a certificate gets issued with let's encrypt
2
 5mo 2mo 2mo
commented
member-last
pr-merged
425 Document ocspServers 5mo 5mo 5mo
kind/documentation
commented
member-last
422 Page last modified date incorrect 5mo 5mo 5mo
kind/bug
collaborator-last
commented
send
403 Add to documentation: change default port of webhook when using hostNetwork and default Kubelet port setting 6mo 2mo 5mo
documentation
good first issue
kind/documentation
commented
recv-q
send
386 Uninstalling on Kubernetes - How to delete all those user created resources? 7mo 7mo 7mo
collaborator-last
commented
send
330 Case for CertificatePrivateKey (encoding, algorithm) is wrong (v1) 10mo 9mo 9mo
collaborator-last
commented
send
326 Securing Ingresses with Venafi 10mo 10mo 10mo
collaborator-last
commented
send
295 Route53 11mo 5mo 5mo
kind/documentation
commented
member-last
send
283 Document upgrade path for legacy users of v1.0 11mo 2mo 5mo
kind/documentation
commented
contributor-last
send
31 Move the manual steps of our release process to cmrel commands
2mo 7wk 7wk
commented
member-last
pr-closed
27 Create cert-manager specific testing / release infrastructure
3mo 5wk 2mo
assigned
assignee-updated
commented
member-last
pr-merged
similar
19 Incorrect command line help: should include a --branch argument 10mo 5mo 5mo
kind/cleanup
commented
contributor-last

Uncommented older than 7 days (99)

Resolution: Add a priority/ or triage/ label

Average age: 124.9d, Avg wait: 120.2d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
3909 Make wait time configurable when creating route53 challenge
2
 3mo 3mo 3mo
area/acme/dns01
kind/feature
priority/important-longterm
recv
3898 Allow setting PodDisruptionBudget policies via helm chart 3mo 3mo 3mo
area/deploy
kind/feature
priority/important-longterm
pr-new-commits
recv
3825 restoring parallel setup behaviour for e2e tests 3mo 3mo 3mo
good first issue
help wanted
kind/feature
priority/important-longterm
recv
3780 WSL2 support or is there an existing process in place? 4mo 2mo 4mo
kind/feature
priority/backlog
recv
3777 Non-compliant behaviour: re-POSTing challenge instead of polling authorization 4mo 2d 4mo
kind/bug
priority/awaiting-more-evidence
recv
recv-q
3729 Possible Bug in RFC2136? Or Missconfiguration? 4mo 3mo 4mo
triage/support
recv
3711 Export issued cert into AWS ACM
3
 4mo 3mo 4mo
kind/feature
priority/backlog
recv
3675 Donation of jniebuhr/aws-pca-issuer to the Cert Manager project
2
6
 5mo 2mo 5mo
kind/documentation
kind/feature
priority/backlog
author-last
recv
3655 Specify Name Constraints in CA Certificate 5mo 2mo 5mo
kind/feature
priority/backlog
recv
3653 install cert-manager: Readiness probe failed: HTTP probe failed with statuscode: 500 5mo 2mo 5mo
kind/bug
triage/support
recv
3615 resourceVersion should not be set on objects to be created
8
 5mo 7wk 5mo
kind/bug
triage/needs-information
recv
recv-q
3509 Provide a separate manifest for the cert-manager Namespace resource 7mo 5mo 7mo
kind/feature
priority/important-longterm
recv
3445 Connection refused for cert-manager-webhook service
2
 8mo 8mo 8mo
triage/support
author-last
recv
recv-q
3377 CertManager does not install with default settings
4
 9mo 5mo 9mo
kind/bug
priority/important-soon
recv
recv-q
3020 Ability to convert resources in acme.cert-manager.io group 1y 1y 1y
kind/bug
priority/important-soon
recv
2941 Detect multiple certs pointed to the same secret
2
 1y 11mo 1y
area/monitoring
kind/feature
priority/important-longterm
contributor-last
recv
2926 Add an ability to communicate with Vault via mTLS 1y 1y 1y
area/vault
kind/feature
priority/important-longterm
recv
551 Documentation on how to handle large-scale certificate management & best practices
2
 2mo 2mo 2mo
help wanted
kind/documentation
priority/important-longterm
contributor-last
recv
480 Secret gets UID added to end of name 4mo 3mo 4mo
triage/support
contributor-last
recv
recv-q
76 Upgrading from v0.10 to v0.11 - missing cainjector annotation 2y 11mo 2y
kind/documentation
priority/backlog
contributor-last
recv
56 Route53: document use of "region" field 2y 3mo 2y
documentation
priority/important-longterm
contributor-last
recv
recv-q
78 previously listed items omitted

Important soon, but no updates in 90 days (36)

Resolution: Downgrade to important-longterm

Average age: 290.2d, Avg wait: 39.8d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
3904 Akamai Fast DNS should use V2 API and rename to Edge DNS
3mo 3mo 3mo
area/acme/dns01
kind/bug
kind/feature
priority/important-soon
assigned
assignee-updated
collaborator-last
commented
send
3852 Be able to specify a serviceAccount for the HTTP01 ACME solver pod
3mo 3mo 3mo
kind/feature
priority/important-soon
collaborator-last
commented
pr-closed
send
similar
3848 Wildcard certificates not being resolved correctly. 3mo 3mo 3mo
area/acme/dns01
kind/bug
priority/important-soon
collaborator-last
commented
send
3820 Controller fails to process new certs when there are a large number of pending ones 3mo 3mo 3mo
kind/bug
priority/important-soon
collaborator-last
commented
send
3810 Certificates stuck issuing and unready after cert-manager restart 4mo 3mo 3mo
kind/bug
priority/important-soon
author-last
commented
recv
similar
3796 Intermittent E2E test failure: ERROR: 1 setup jobs failed. Check logs above for details
4mo 3mo 3mo
area/testing
good first issue
kind/flake
priority/important-soon
assigned
assignee-updated
collaborator-last
commented
pr-merged
send
3761 Document a security issue reporting, response, and distribution process
2
5
 4mo 3mo 3mo
kind/documentation
kind/feature
priority/important-soon
assigned
assignee-updated
collaborator-last
commented
pr-merged
send
3738 PKI: inject a time.Time in certificate template functions instead of using time.Now
4mo 3mo 3mo
kind/cleanup
priority/important-soon
assigned
assignee-updated
commented
member-last
pr-merged
send
3704 Document how to manually test cert-manager upgrade in release-process.md 5mo 3mo 3mo
kind/documentation
priority/important-soon
commented
member-last
open-milestone
3672 Change the package import path from jetstack/cert-manager to cert-manager/cert-manager 5mo 3mo 3mo
kind/cleanup
priority/important-soon
collaborator-last
commented
pr-unreviewed
send
3670 Create testing infrastructure for the cert-manager org 5mo 3mo 3mo
kind/cleanup
priority/important-soon
assigned
assignee-updated
commented
member-last
similar
3626 Add Go package comments to all packages 5mo 3mo 3mo
kind/cleanup
kind/documentation
priority/important-soon
assigned
assignee-updated
commented
member-last
send
3612 CLI tool should have a dedicated backup and restore subcomand 5mo 5mo 5mo
area/ctl
kind/feature
priority/important-soon
commented
member-last
send
3576 Cert-manager does not respect TTL
2
 6mo 6mo 6mo
area/acme
area/acme/dns01
kind/feature
priority/important-soon
collaborator-last
commented
send
3555 Venafi E2E tests are all failing
6mo 5mo 5mo
area/testing
area/venafi
priority/important-soon
commented
member-last
pr-merged
3473 Draft a design for handling identity, policy, and certificates.k8s.io adoption 8mo 5mo 8mo
kind/feature
priority/important-soon
assigned
assignee-updated
collaborator-last
commented
pr-merged
pr-new-commits
pr-reviewed-with-comment
send
3455 updated certificate resource is not processed by cert-manager
8mo 8mo 8mo
kind/bug
priority/important-soon
collaborator-last
commented
send
similar
3451 Move repo to cert-manager/cert-manager 8mo 3mo 5mo
Epic
priority/important-soon
assigned
assignee-updated
commented
member-last
send
3435 Race condition while updating commonName
8mo 5mo 5mo
kind/bug
priority/important-soon
commented
member-last
send
3377 CertManager does not install with default settings
4
 9mo 5mo 9mo
kind/bug
priority/important-soon
recv
recv-q
3371 Make deployment matchLabels configurable
9mo 5mo 9mo
kind/feature
priority/important-soon
collaborator-last
commented
pr-closed
send
3188 Add API compatibility tests
11mo 5mo 5mo
area/api
kind/feature
priority/important-soon
assigned
assignee-updated
commented
member-last
open-milestone
send
3145 Ctl command status certificate: Output info about completed CRs 11mo 8mo 8mo
area/ctl
kind/feature
priority/important-soon
collaborator-last
commented
send
3050 Venafi issuer produces a mixture of structured and unstructured log messages from the vcert library 1y 1y 1y
area/venafi
kind/bug
priority/important-soon
collaborator-last
commented
send
3020 Ability to convert resources in acme.cert-manager.io group 1y 1y 1y
kind/bug
priority/important-soon
recv
2988 vault: allowing asynchronous issuance of certificates 1y 11mo
area/vault
kind/feature
priority/important-soon
2902 Cannot decrypt PKCS12 keystore
3
 1y 1y 1y
kind/bug
priority/important-soon
author-last
commented
recv
recv-q
2461 rfc2136 failing with bad signature error
2y 1y 1y
kind/bug
priority/important-soon
collaborator-last
commented
send
1888 Certificate not matching private key when creating multiple ingress resources
12
 2y 3mo 3mo
area/acme
good first issue
help wanted
kind/bug
priority/important-soon
assigned
assignee-updated
collaborator-last
commented
open-milestone
send
459 cert manager is no longer on the OpenShift operator list 4mo 3mo 4mo
priority/important-soon
assigned
assignee-updated
commented
member-last
send
262 [DOCS]: Add info on how to customize kind CertManager when using OperatorHub method on Openshift
1y 6mo 1y
kind/feature
priority/important-soon
author-last
commented
recv
recv-q
229 Documenting resolution for DigitalOcean + HTTP01 "connection timed out" error 1y 11mo
kind/documentation
priority/important-soon
contributor-last
198 Document release process 1y 11mo 11mo
kind/documentation
priority/important-soon
assigned
commented
member-last
send
174 Add documentation for CRD conversion webhook ca injection 1y 11mo 11mo
help wanted
kind/documentation
priority/important-soon
commented
member-last
send
90 Document Certificate Subject Changes 2y 6mo 6mo
good first issue
help wanted
priority/important-soon
collaborator-last
commented
similar
69 SelfSignedIssuer configuration - API reference docs 2y 11mo 11mo
good first issue
help wanted
kind/documentation
priority/important-soon
commented
member-last
send

Important longterm, but no updates in 180 days (28)

Resolution: Downgrade to backlog

Average age: 468.4d, Avg wait: 73.3d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
3366 Export certificate controller sync call duration metrics
9mo 9mo 9mo
kind/feature
priority/important-longterm
collaborator-last
commented
send
3350 Venafi e2e tests: enable more features 9mo 9mo
area/venafi
kind/cleanup
priority/important-longterm
collaborator-last
similar
3294 Certificate Not Found when secret quota exceeded 10mo 10mo 10mo
kind/bug
priority/important-longterm
collaborator-last
commented
send
3291 GitOps based e2e tests 10mo 8mo
area/testing
kind/feature
priority/important-longterm
open-milestone
3283 Passing apiVersion as apiGroup should give a validation error
3
 10mo 9mo 10mo
area/api
kind/bug
priority/important-longterm
commented
send
3181 as a user, I don't known that ACME HTTP01 solvers cannot be used for wildcard certs
2
 11mo 11mo 11mo
area/acme
kind/feature
priority/important-longterm
author-last
commented
recv
3067 Reviewing 'minimum certificate duration' requirements and handling
1y 9mo 11mo
area/api
priority/important-longterm
collaborator-last
commented
open-milestone
pr-closed
pr-merged
send
2998 Challenge failure metrics 1y 11mo 11mo
area/acme
kind/feature
priority/important-longterm
collaborator-last
commented
send
2968 [Google: clouddns]Selected a private zone
1y 11mo 1y
area/acme/dns01
kind/bug
priority/important-longterm
commented
contributor-last
pr-merged
recv
2941 Detect multiple certs pointed to the same secret
2
 1y 11mo 1y
area/monitoring
kind/feature
priority/important-longterm
contributor-last
recv
2926 Add an ability to communicate with Vault via mTLS 1y 1y 1y
area/vault
kind/feature
priority/important-longterm
recv
2894 Add configuration for what SANs are allowed based on namespace 1y 1y 1y
kind/feature
priority/important-longterm
author-last
commented
recv
2877 E2E: [Conformance] Certificates with issuer type ACME DNS01 Issuer should issue a basic, defaulted certificate for a single commonName and distinct dnsName defined by an ingress with annotations 1y 1y 1y
area/acme
kind/flake
priority/important-longterm
commented
recv-q
2817 cainjector fails to start: MutatingWebhookConfiguration not found 1y 1y 1y
area/deploy
kind/bug
priority/important-longterm
commented
contributor-last
recv-q
send
2779 Support AWS Session Tokens
1y 1y 1y
area/acme/dns01
help wanted
kind/feature
priority/important-longterm
collaborator-last
commented
send
2695 Kubelet TLS using external signerName controllers 1y 1y 1y
Epic
kind/feature
priority/important-longterm
assigned
assignee-updated
collaborator-last
commented
send
2617 release-tars: allow plumbing through custom registry through to Helm chart & manifests 1y 1y
area/deploy
kind/feature
priority/important-longterm
2572 OpenAPI based field defaulting 1y 1y 1y
area/api
kind/feature
priority/important-longterm
collaborator-last
commented
send
2488 Signed images 2y 1y 1y
area/deploy
kind/feature
priority/important-longterm
collaborator-last
commented
send
2479 Allow CA issuers to generate their own secrets
5
 2y 1y 1y
area/ca
kind/feature
priority/important-longterm
collaborator-last
commented
send
2454 RBAC rule for showing running cert-manager in a single namespaces 2y 1y
area/deploy
kind/feature
priority/important-longterm
2377 Istio Node Agent Integration 2y 1y 2y
kind/feature
priority/important-longterm
commented
recv-q
send
2243 Add a per-Certificate rate limit to the number of CertificateRequests created
2y 1y 2y
area/api
kind/feature
priority/important-longterm
commented
2178 Handling 'unregistering' certificates from Venafi TPP
2
 2y 7mo 7mo
area/venafi
kind/feature
lifecycle/frozen
priority/important-longterm
collaborator-last
commented
send
2043 Extend end-to-end suite to record total ACME client request count 2y 1y
area/testing
kind/feature
priority/important-longterm
open-milestone
223 Document wildcard certificate tutorial 1y 11mo 1y
kind/documentation
priority/important-longterm
commented
contributor-last
send
178 Order of versions of cert-manager in menu 1y 11mo 1y
kind/documentation
priority/important-longterm
commented
contributor-last
send
154 Documenting repo management process 1y 11mo 1y
kind/documentation
priority/important-longterm
commented
contributor-last
send

Pull Requests: Review Ready (13)

Resolution: Review requests or mark them as do-not-merge/work-in-progress

Average age: 52.0d, Avg wait: 34.5d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
4253 Conversion: Apiextensions v1beta1 -> v1 11min 9min
approved
area/acme
area/acme/dns01
area/api
area/deploy
area/testing
dco-signoff: yes
kind/cleanup
release-note
size/L
collaborator-last
open-milestone
unreviewed
4226 add 'kubectl cert-manager version'
2
 7d 2d 4d
dco-signoff: yes
needs-kind
ok-to-test
release-note
size/XXL
commented
contributor-last
recv
reviewed-with-comment
similar
4072 Add a name to Prometheus scraping service port for Istio compatibillity 7wk 5d 7wk
area/deploy
dco-signoff: yes
needs-kind
needs-ok-to-test
release-note
size/XS
assigned
contributor-last
recv
recv-q
unreviewed
4209 Auto generate README.md & template Chart.yaml using tem 12d 10d 10d
area/deploy
dco-signoff: yes
kind/feature
ok-to-test
release-note
size/XXL
commented
contributor-last
recv
reviewed-with-comment
similar
4161 Update makefile 3wk 13d 13d
approved
dco-signoff: yes
kind/cleanup
release-note-none
size/M
collaborator-last
commented
unreviewed
4199 Auto generate README.md & template Chart.yaml 16d 14d 15d
area/deploy
dco-signoff: yes
needs-kind
ok-to-test
release-note
size/XXL
commented
contributor-last
new-commits
recv
similar
4145 Allow additional namespaceSelector matchExpressions to be configured on ValidatingWebHook 4wk 17d 4wk
area/deploy
dco-signoff: yes
kind/feature
ok-to-test
release-note
size/XS
assigned
assignee-updated
author-last
commented
recv
recv-q
unreviewed
4050 explicitly specify port protocol field to allow server side apply 2mo 4wk 2mo
area/deploy
dco-signoff: yes
needs-kind
needs-ok-to-test
release-note-none
size/XS
assigned
author-last
recv
recv-q
unreviewed
4027 bug: Don't sort json patch operations 2mo 2mo 2mo
approved
dco-signoff: yes
kind/bug
ok-to-test
release-note-none
size/XS
commented
contributor-last
new-commits
recv
545 Update akamai.md 2mo 13d 2mo
dco-signoff: yes
ok-to-test
size/M
author-last
commented
recv
reviewed-with-comment
451 update to ingress. 5mo 6wk 5mo
dco-signoff: no
needs-ok-to-test
size/XS
contributor-last
recv
unreviewed
528 Update "Setting Nameservers for DNS01 Self Check" example 3mo 3mo 3mo
dco-signoff: yes
needs-ok-to-test
size/XS
contributor-last
recv
unreviewed
35 Sort versions when running "cmrel staged" and add cmrel staged --help
2
 1mo 3wk 3wk
approved
dco-signoff: yes
size/M
commented
member-last
new-commits

Unkinded Issues (65)

Resolution: Add a kind/ or triage/support label

Average age: 148.6d, Avg wait: 52.0d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
4250 Support parallel DNS validation for same host 7h 7h 7h
recv
3849 Make debugging e2e tests locally easier 3mo 3mo
area/testing
priority/backlog
3808 Supporting traefik IngressRoute objects?
2
 4mo 3mo 3mo
area/ingress-shim
priority/important-longterm
collaborator-last
commented
send
3325 Waiting for HTTP-01 challenge propagation: wrong status code '404', expected '200'
9
 10mo 2mo 2mo
priority/backlog
collaborator-last
commented
send
similar
2996 cainjector pod restart many times of V0.15.1
2
 1y 11mo 1y
area/cainjector
triage/needs-information
commented
recv
recv-q
401 Bring tutorials up to date 6mo 5mo
priority/important-longterm
354 DigitalOcean access-token should not be base64-encoded 9mo 5mo 9mo
priority/awaiting-more-evidence
author-last
commented
recv
344 Add docs to explain webhooks 9mo 3mo
good first issue
help wanted
priority/important-longterm
contributor-last
320 Document how to install cert-manager using gitops and known issues with particular gitops implementations
10mo 2mo 10mo
documentation
priority/important-soon
commented
contributor-last
2 Set up periodic job to publish an experimental release build
1y 3mo
priority/backlog
assigned
contributor-last
55 previously listed items omitted

Unprioritized Recent Issues (143)

Resolution: Add a priority/ or triage/ label

Average age: 104.5d, Avg wait: 52.6d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
4248 Run cert-manager e2e tests with the race flag
2d 2d
area/testing
kind/cleanup
pr-merged
4246 ACME DNS Challenge and Propagation Delay (NXDOMAIN) 3d 3d 3d
kind/bug
recv
4245 Ingress Shim Certificate Incorrectly Renewed Due To Usages Change 3d 3d
kind/bug
4235 Reconsider error condition on empty secretnames in TLS hosts. 5d 5d 5d
kind/feature
recv
139 previously listed items omitted

Uncommented Recent Issues (3)

Resolution: Add a comment

Average age: 3.0d, Avg wait: 2.3d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
3 previously listed items omitted: #4250 #4246 #4235
New, has multiple reactions, but not important-soon: No matching items
New, has multiple commenters, but not important-soon: No matching items

needs information, has update (5)

Resolution: Comment and remove triage/needs-information tag

Average age: 224.0d, Avg wait: 198.5d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
3748 Cert-manager causes API server panic on clusters with more than 20000 secrets.
2
 4mo 7wk 4mo
kind/bug
triage/needs-information
commented
pr-merged
recv
recv-q
3615 resourceVersion should not be set on objects to be created
8
 5mo 7wk 5mo
kind/bug
triage/needs-information
recv
recv-q
3611 Order expires on renew
5mo 5mo 5mo
kind/bug
triage/needs-information
author-last
commented
recv
3534 cert-manager tries to follow CNAME while "cnameStrategy" is set to "None" 7mo 5mo 5mo
kind/bug
triage/needs-information
author-last
commented
recv
2996 cainjector pod restart many times of V0.15.1
2
 1y 11mo 1y
area/cainjector
triage/needs-information
commented
recv
recv-q

Recently updated issue has a question (2)

Resolution: Add an answer

Average age: 60.2d, Avg wait: 2.0d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
4097 Generating SSL + ingress-nginx issue 6wk 5d 6wk
kind/bug
recv
recv-q
3990 crt.sh is showing certs issued while k8s cluster is showing status as false 2mo 3d 6wk
area/acme
kind/bug
priority/important-soon
commented
recv-q
send
Triage Party v1.3.0