queue to be emptied once a day

Unprioritized issues older than 7 days (174)

Resolution: Add a priority/ or triage/ label

Average age: 128.9d, Avg wait: 70.2d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
4445 The deprecated Helm value `securityContext.enabled` should be removed 9d 3d
good first issue
kind/cleanup
assigned
assignee-updated
contributor-last
pr-reviewed-with-comment
4443 cm-acme ingress does not get updated 10d 10d 10d
recv
4441 Order stuck in errored state 11d 9d 9d
kind/bug
author-last
commented
recv
4440 cert-manager check api: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)
5
11d 9d 11d
kind/bug
author-last
recv
recv-q
4438 Multiple solver types with matchLabels cluster-issuer not working 12d 12d 12d
recv
4437 CM continues requeuing inexisting items 12d 12d 12d
kind/bug
author-last
recv
recv-q
4434 Operator projects using the removed APIs in k8s 1.22 requires changes.
16d 3d 3d
commented
member-last
send
4427 Unable to request wildcard certificate with ACME client 17d 17d 17d
kind/bug
recv
4425 WebHook error 18d 5d 5d
kind/bug
commented
member-last
send
4424 Add support for setting multiple DC fields to Certificate, to allow for LDAP client authentication 18d 13d 14d
kind/feature
commented
member-last
send
4423 Cert renewal loop
18d 18d 18d
recv
4422 DNS01 challenge with Route 53 fails: 'Endpoint' configuration is required for this service 19d 19d 19d
kind/bug
recv
4420 ACME DNS solver error "account credentials not found for domain" 2wk 2wk 2wk
kind/bug
recv
4418 cert-manager is not able to create CertificateRequest
3wk 3d 2wk
author-last
commented
recv
similar
4417 to support Venafi TPP CADN parameter 3wk 3wk 3wk
kind/feature
recv
4413 Clusterissuer preferredChain does not choice the ISRG X1 root certificate 3wk 2d 2d
kind/bug
commented
member-last
send
4411 Private key reuse errors with Venafi TPP
3wk 16d 3wk
kind/bug
area/venafi
recv
recv-q
4410 Support configuration via operator subscription
3wk 2wk 3wk
kind/feature
recv
4380 Stop serving the deprecated API versions 4wk 4wk
kind/cleanup
4375 cert-manager ignores existing controller OwnerReferences on secrets 4wk 4wk 4wk
kind/bug
recv
4374 version checker tests failing
4wk 4wk
kind/flake
contributor-last
4368 Memory leak in cainjector 4wk 4wk 4wk
recv
4360 Allow default Certificate settings to be defined within your Issuer configuration 5wk 5wk 5wk
kind/feature
recv
similar
4357 Flaky test: //test/integration/ctl TestCtlCreateCRBeforeCRIsCreated
5wk 5wk
kind/bug
kind/flake
pr-merged
4351 Flaky test: TestValidateCertificate/invalid_with_disallowed_'CertificateSecretTemplate'_annotations
5wk 4d
kind/bug
kind/flake
contributor-last
pr-merged
recv-q
4349 allowing greater configuration for the cloud provider tests
5wk 5wk 5wk
kind/feature
recv
4340 cert-manager - No client certificate CA names sent 5wk 5wk 5wk
recv
similar
4334 Using service-account directly for Vault authentication? 5wk 5wk 5wk
kind/feature
author-last
recv
similar
4331 Add Uninstall & Upgrade commands to `kubectl cert-manager`
5wk 5wk 5wk
kind/feature
pr-closed
recv
similar
4316 Recursive nameservers for multiple domain 6wk 6wk 6wk
kind/bug
recv
4303 Allow azuredns serviceprincipal configuration from secret 6wk 3wk 6wk
kind/feature
recv
4296 Kubectl plugin - error when getting Certificate 6wk 6wk 6wk
recv
similar
4292 Annotations and Labels must be removed from the Secret when removed from secretTemplate
6wk 6wk 6wk
kind/feature
pr-merged
recv
4289 Changing a Certificate keystores specification should update certificate Secret 7wk 7wk 7wk
kind/bug
recv
4288 Support for custom Ingress crds for http01 resolution
7wk 6wk 6wk
kind/feature
collaborator-last
commented
send
4286 support custom dns server for acme http challenges
7wk 7wk 7wk
kind/feature
pr-unreviewed
recv
4281 Can't deploy Issuer 7wk 13d 7wk
kind/bug
commented
recv
recv-q
4273 DNS01 Validation Failing: No OpenIDConnect provider found in your account 7wk 7wk 7wk
recv
4266 The automountServiceAccountToken configuration option in the Helm chart is probably unusable / unnecessary
7wk 7wk 7wk
kind/bug
commented
member-last
pr-merged
4263 Issuer Fallback 7wk 7wk 7wk
kind/feature
recv
4259 The app and app.kubernetes.io/name labels should contain `cert-manager` rather than component names
7wk 7wk 7wk
kind/bug
collaborator-last
commented
pr-merged
send
4250 Support parallel DNS validation for same host 1mo 1mo 1mo
recv
4248 Run cert-manager e2e tests with the race flag
1mo 1mo
kind/cleanup
area/testing
pr-merged
4246 ACME DNS Challenge and Propagation Delay (NXDOMAIN)
2
1mo 5wk 1mo
kind/bug
recv
4245 Ingress Shim Certificate Incorrectly Renewed Due To Usages Change
1mo 4d 4d
kind/bug
commented
member-last
send
4235 Reconsider error condition on empty secretnames in TLS hosts. 2mo 2mo 2mo
kind/feature
recv
4220 Reuse existing identical certificates 2mo 2mo 2mo
kind/feature
recv
similar
4216 Error getting keypair for CA issuer: error parsing ecdsa private key: x509: failed to parse EC private key: asn1: structure error: length too large 2mo 2mo 2mo
recv
4215 Include example manifests in this repo for reference 2mo 2mo 2mo
recv
4212 Ingress-shim to remove certificates if owned ingress lacks autoCertificateAnnotations 2mo 2mo 2mo
kind/feature
collaborator-last
commented
send
4211 support for importing multiple CA in jks certificates 2mo 2mo 2mo
kind/feature
recv
similar
4210 Syncing secret across namespaces gives error "unable to fetch certificate that owns the secret" 2mo 2mo 2mo
kind/bug
recv
4203 Add a make target for building static manifests with specific image 2mo 2mo
kind/feature
area/deploy
4196 Enhance CA issuer with HSM support
2mo 4wk 2mo
help wanted
kind/feature
area/ca
commented
recv
4191 Setting default values for Pod's "resources"?
2
2mo 2mo 2mo
commented
member-last
send
4189 Support setting a different password for the private key in a Java keystore
2mo 7d 7d
area/api
good first issue
help wanted
kind/feature
collaborator-last
commented
pr-closed
pr-merged
4187 Upgrade to cert-manager v1.3.1 causes outage on EKS 2mo 5wk 2mo
kind/bug
recv
recv-q
4180 Add tests to #4138
2mo 2mo 2mo
kind/feature
assigned
assignee-updated
contributor-last
pr-merged
recv
4179 Universal cert-manager installing, uninstalling, debugging and upgrading 2mo 2mo 2mo
recv
similar
4173 Enable domains for no_proxy 2mo 2mo 2mo
kind/feature
author-last
recv
recv-q
4170 Use Dependabot for automatic dependency upgrades 2mo 2mo 2mo
kind/feature
recv
4166 cert-manager should allow to store certificate in vault 2mo 2mo 2mo
kind/feature
recv
4159 Unable to create venafi issuer with kubernetes 2mo 2mo 2mo
kind/bug
recv
4153 Support DoT (DNS over TLS) for Recursive Nameservers 2mo 2mo 2mo
kind/feature
recv
4148 Kubernetes Ingress Controller Fake Certificate 2mo 2mo 2mo
author-last
recv
4146 Provide cert store format choice for PEM combined
2mo 2mo 2mo
kind/feature
recv
4139 Old Helm charts should be deprecated
2mo 6wk 6wk
kind/bug
commented
contributor-last
pr-merged
4135 Exclude some parent labels from being replicated on child objects 2mo 2mo 2mo
kind/feature
author-last
recv
4132 Helm chart should have kubeVersion constraints 2mo 2mo
kind/feature
pr-changes-requested
4114 Endless Sync Loop when installing Helm Chart via ArgoCD 3mo 3d 3mo
kind/bug
lifecycle/stale
collaborator-last
pr-closed
pr-unreviewed
recv
similar
4102 Default leader election namespace to installation namespace
3mo 5wk 5wk
kind/feature
commented
member-last
pr-merged
send
4095 Update private Docker registry path 3mo 3d 3mo
lifecycle/stale
collaborator-last
recv
4086 [CA Issuer] Metrics for getting issuer cert expiration 3mo 3d 3mo
lifecycle/stale
collaborator-last
recv
4073 Internal error occurred: failed calling webhook 3mo 3d 3mo
lifecycle/stale
collaborator-last
recv
similar
4071 Add a default value to RevisionHistoryLimit if none is provided in the Certificate
4
3mo 7wk 3mo
kind/feature
recv
similar
4053 Error setup role to manage Route53 dns01
3mo 6wk 3mo
kind/bug
recv
recv-q
4041 Switch the api versions accepted by validating and mutating webhook to `v1` only 4mo 3d
kind/cleanup
lifecycle/stale
collaborator-last
4033 Automated updates of base images
4mo 3d 3d
kind/feature
collaborator-last
commented
pr-merged
4032 Consider ArtifactHub vulnerability scanning 4mo 3d 3d
kind/feature
collaborator-last
commented
4023 Vault generated certificates
4
4mo 2mo 4mo
kind/bug
pr-closed
recv
recv-q
similar
4003 Accepting challenge authorization failed 4mo 3wk 4mo
kind/bug
area/acme/http01
recv
3998 Allow setting caBundle in (Cluster)Issuers to request certificates from https ACME using internal PKI 4mo 3d 3d
kind/feature
lifecycle/stale
commented
member-last
pr-unreviewed
send
3992 Add non-CRD yaml file 4mo 2mo 2mo
area/deploy
commented
member-last
send
3979 Certificates for multiple domains (Let's Encrypt) 4mo 4d 4mo
lifecycle/stale
collaborator-last
recv
3977 cert-manager-webhook Firewalld Issues 4mo 4d 4mo
kind/bug
lifecycle/stale
collaborator-last
recv
recv-q
3968 acme http01: 504 Gateway Time-out
2
4mo 4wk 4mo
kind/bug
area/acme/http01
recv
3967 Does the certificate chain include a root CA certificate by default? 4mo 3d 4mo
kind/bug
lifecycle/stale
area/venafi
collaborator-last
recv
3961 Fix pkg/util/pki TestPrivateKeyEncodings test 4mo 4d
kind/cleanup
lifecycle/stale
area/testing
collaborator-last
3959 Keep USERS.md up to date
4mo 4d
lifecycle/stale
collaborator-last
3958 Sane defaults for Certificate revision history limit
2
4mo 9d 4mo
kind/feature
recv
similar
3957 Support JKS trust store for ACME certificates 4mo 2mo 4mo
kind/feature
commented
recv-q
send
similar
3949 Option to store selfsigned cert/key pair into two secrets.
4
4mo 4d 4mo
kind/feature
lifecycle/stale
collaborator-last
recv
3948 Encryption Password for Keystore/Truststore from Vault
4mo 3d 3mo
kind/feature
lifecycle/stale
collaborator-last
commented
recv
3947 Linting to check API annotations 4mo 4d
kind/feature
lifecycle/stale
collaborator-last
3941 Certificate renewal get stuck if Vault becomes temporarily inaccessible during the the time of renewal.
4mo 4d 4mo
kind/bug
lifecycle/stale
collaborator-last
recv
3930 Add migration tests against forked repositories 4mo 3d 3mo
lifecycle/stale
collaborator-last
commented
send
3925 Please make all configuration entries under the dns providers etc. work with valueFrom 4mo 4d 4mo
lifecycle/stale
collaborator-last
recv
3924 External Challenge Solver: Support for various Virtual Service implementations 4mo 3d 3mo
kind/feature
lifecycle/stale
collaborator-last
commented
open-milestone
pr-merged
pr-unreviewed
send
3910 ACME Certificate in "False" state even when order and certificaterequest are completed 5mo 4d 5mo
kind/bug
lifecycle/stale
collaborator-last
recv
3896 Cert Manager failing to renew certificate
15
5mo 18h 18h
kind/bug
commented
member-last
send
similar
3890 support more secret type 5mo 4d 5mo
lifecycle/stale
collaborator-last
commented
send
3884 Certs Owner Reference on secret from issuer
5mo 3d 3mo
kind/feature
lifecycle/stale
collaborator-last
commented
send
3874 Getting "Error from server: conversion webhook for acme.cert-manager.io/v1alpha2, Kind=Challenge failed: Post https://cert-manager-webhook.cert-manager.svc:443/convert?timeout=30s: service "cert-manager-webhook" not found"
2
5mo 4d 5mo
lifecycle/stale
collaborator-last
recv
recv-q
similar
3747 Certificate issuerRef should be optional 6mo 3d 6mo
kind/feature
lifecycle/stale
contributor-last
recv
3743 Excessive DNS caching for DNS verification
6mo 4d 6mo
kind/bug
author-last
recv
3739 Helm chart fails to install CRDs when using ArgoCD 6mo 3d 6mo
kind/bug
lifecycle/stale
collaborator-last
recv
similar
3723 Order stays in an unknown state indefinitely for a particular ingress 6mo 4d 6mo
kind/bug
lifecycle/stale
collaborator-last
recv
3719 DNS-01 broken scenario (GCP Cloud DNS) 6mo 4d 6mo
kind/bug
author-last
recv
3716 Health check failed as CertificateSource is unhealthy"
3
6mo 2mo 6mo
kind/bug
recv
recv-q
3715 kube-dns not used for DNS01 challenges 6mo 4d 6mo
kind/bug
lifecycle/stale
collaborator-last
recv
3691 no_proxy settings not honored helm/kubernetes/vault 7mo 4d 7mo
kind/bug
lifecycle/stale
collaborator-last
recv
3690 renewal stucks and output suspicious logs periodically
7mo 4d 7mo
kind/bug
lifecycle/stale
collaborator-last
recv
3681 When using a keystore.jks in secret, how can I specify a name for the alias 7mo 4d 7mo
kind/feature
lifecycle/stale
collaborator-last
recv
3677 Provide configuration for delayed certificate update after creation 7mo 4d 7mo
kind/feature
lifecycle/stale
collaborator-last
recv
3676 Configuring LE wildcard cert on EKS w/ Route53 DNS 7mo 4d 7mo
lifecycle/stale
collaborator-last
commented
send
3673 Create cert-manager container registry 7mo 4d
kind/cleanup
lifecycle/stale
collaborator-last
3671 Transfer repository to the cert-manager organisation 7mo 4d 6mo
kind/cleanup
lifecycle/stale
collaborator-last
commented
3668 Secure Istio Gateway in Kubernetes using cert-manager. 7mo 4d 7mo
kind/bug
lifecycle/stale
collaborator-last
recv
3660 order is showing as ready but stuck at the challenges. Not getting all the challenges. 7mo 4d 7mo
lifecycle/stale
collaborator-last
recv
3659 custom DNS01 test fails when secondary nameserver is unresponsive 7mo 4d 7mo
kind/bug
lifecycle/stale
collaborator-last
recv
3651 Document how to set Issuer and Subject for self-signed certificates
2
7mo 4d 7mo
kind/bug
lifecycle/stale
collaborator-last
recv
similar
3649 Challenge & secret sometimes not getting created for route53 issuer 7mo 4d 7mo
kind/bug
lifecycle/stale
collaborator-last
recv
3637 BadRequest error when configuring external Vault with Kubernetes authentication
4
7mo 2mo 7mo
kind/bug
recv
recv-q
3617 Manage etcd, apiserver, controller-manager, scheduler, proxy, kubelet certificates 7mo 4d 7mo
kind/feature
lifecycle/stale
collaborator-last
recv
3609 oauth2: cannot fetch token: Post \https://oauth2.googleapis.com/token": x509: certificate signed by unknown authority" 7mo 4d 7mo
lifecycle/stale
collaborator-last
recv
3608 Unable to renew certificate for some cert hosts with propagation check failed
7mo 4d 7mo
kind/bug
lifecycle/stale
collaborator-last
recv
recv-q
3599 Create certificate issue (showing in progress only) 8mo 4d 8mo
lifecycle/stale
collaborator-last
recv
recv-q
3592 Ability to not create ca.crt
8mo 4d 8mo
author-last
commented
recv
3565 requestmanager_controller got stuck in a loop and stopped generating new certificates afterward
8
8mo 5d 8mo
kind/bug
recv
recv-q
3553 ExperimentalCertificateControllers feature gate not available in v1.1 8mo 4d 8mo
kind/bug
lifecycle/stale
collaborator-last
recv
3484 Ingress annotations with external issuer end up in eternal loop - smallstep 9mo 4d 9mo
kind/bug
lifecycle/stale
collaborator-last
commented
recv
recv-q
3481 cert-manager stops reconciling certificate expiries
2
4
9mo 4d 9mo
kind/bug
lifecycle/stale
collaborator-last
commented
recv
recv-q
3448 Self-signed certificate has ready-state: true 10mo 4d 10mo
kind/bug
lifecycle/stale
collaborator-last
recv
3427 Add multiple trustedCertEntries to truststores.
10mo 4d 10mo
kind/bug
lifecycle/stale
collaborator-last
commented
send
3404 Add support for custom Certificate Extensions
4
11mo 2mo 2mo
collaborator-last
commented
pr-closed
send
similar
3284 Support for deploying one or more issuers from helm chart 1y 4d 1y
kind/feature
lifecycle/stale
collaborator-last
commented
send
3194 Ability to specify utilizing Ambient Credentials for Vault Auth Block
2
1y 4d 1y
kind/feature
lifecycle/stale
collaborator-last
recv
697 [IRSA] Needs `runAsUser: 1001` 13d 13d 13d
recv
693 Azure DNS pod identity incorrectly documents principal_id 3wk 14d 14d
commented
member-last
send
672 List required Google CloudDNS permissions exhaustively 6wk 6wk 6wk
recv
662 Using "azureDNS" for the DNS01 Solver results "Multiple user assigned identities exist, please specify the clientId / resourceId"
7wk 5wk 7wk
recv
659 Document component flags 7wk 7wk 7wk
assigned
assignee-updated
contributor-last
recv
645 Investigate & add an FAQ/warning about images rolled back after GitOps upgrade 2mo 2mo 2mo
recv
642 Move/ link to Webhook debugging docs 2mo 2mo 2mo
recv
similar
604 Make it so that it is easier to find the doc for fixing webhook issues 3mo 3mo 3mo
recv
600 Remove Helm v2 from Ingress Nginx tutorial
3mo 3mo 3mo
recv
583 cert-manager with ZeroSSL
3mo 18d 3mo
recv
recv-q
571 Clean up old readthedocs sites
3mo 3mo 3mo
kind/cleanup
commented
member-last
568 Add a diagram for LetsEncrypt cert issuance flow to the docs
3
4mo 4mo 4mo
recv
561 Certificate Resources 4mo 4mo 4mo
recv
similar
559 Update uninstall process doc 4mo 4mo 4mo
recv
554 HTTP Validation, privateKeySecretRef 4mo 3mo 4mo
contributor-last
recv
549 Effort towards a more user-friendly website 4mo 4mo
543 Add getting started documentation for users who want to quickly use cert-manager to issue LetsEncrypt certificates
3
4mo 2mo 2mo
commented
contributor-last
recv-q
542 Document the Istio VirtualService HTTP01 configuration options 4mo 4mo
532 Rework of the landing page (cert-manager.io)
3
5mo 2mo 2mo
help wanted
good first issue
commented
member-last
send
similar
486 OpenShift - broken link
5mo 7wk 3mo
commented
contributor-last
recv-q
send
469 DNS01: Delegated Domains for DNS01 example yaml solvers list items 6mo 6mo 6mo
recv
466 installation/compatiblity 6mo 6mo 6mo
recv
457 cainjector docs are missing the option to inject certs in apiservice resources
6mo 6mo 6mo
recv
454 Cluster Resource Namespace 6mo 6mo 6mo
recv
426 Create a sequence diagram that shows how a certificate gets issued with let's encrypt
2
7mo 3mo 3mo
commented
member-last
pr-merged
425 Document ocspServers 7mo 7mo 7mo
kind/documentation
commented
member-last
422 Page last modified date incorrect 7mo 7mo 7mo
kind/bug
collaborator-last
commented
send
403 Add to documentation: change default port of webhook when using hostNetwork and default Kubelet port setting 8mo 4mo 7mo
documentation
good first issue
kind/documentation
commented
recv-q
send
386 Uninstalling on Kubernetes - How to delete all those user created resources? 9mo 9mo 9mo
collaborator-last
commented
send
330 Case for CertificatePrivateKey (encoding, algorithm) is wrong (v1) 11mo 11mo 11mo
collaborator-last
commented
send
326 Securing Ingresses with Venafi 1y 1y 1y
collaborator-last
commented
send
295 Route53 1y 7mo 7mo
kind/documentation
commented
member-last
send
283 Document upgrade path for legacy users of v1.0 1y 3mo 7mo
kind/documentation
commented
contributor-last
send
42 Publish latest release number as part of creating a final release
3wk 17d 17d
commented
member-last
send
31 Move the manual steps of our release process to cmrel commands
4mo 17d 17d
commented
member-last
pr-closed
27 Create cert-manager specific testing / release infrastructure
4mo 17d 4mo
assigned
assignee-updated
commented
member-last
pr-merged
similar
19 Incorrect command line help: should include a --branch argument 1y 7mo 7mo
kind/cleanup
commented
contributor-last

Uncommented older than 7 days (122)

Resolution: Add a priority/ or triage/ label

Average age: 143.9d, Avg wait: 136.4d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
3909 Make wait time configurable when creating route53 challenge
2
5mo 4d 5mo
kind/feature
priority/important-longterm
lifecycle/stale
area/acme/dns01
collaborator-last
recv
3898 Allow setting PodDisruptionBudget policies via helm chart 5mo 3d 5mo
kind/feature
priority/important-longterm
area/deploy
author-last
pr-new-commits
recv
3825 restoring parallel setup behaviour for e2e tests 5mo 4d 5mo
good first issue
help wanted
kind/feature
priority/important-longterm
lifecycle/stale
collaborator-last
recv
3729 Possible Bug in RFC2136? Or Missconfiguration? 6mo 4d 6mo
triage/support
lifecycle/stale
collaborator-last
recv
3711 Export issued cert into AWS ACM
7
6mo 3d 6mo
kind/feature
priority/backlog
collaborator-last
recv
3655 Specify Name Constraints in CA Certificate
3
7mo 6wk 7mo
kind/feature
priority/backlog
recv
3653 install cert-manager: Readiness probe failed: HTTP probe failed with statuscode: 500 7mo 3d 7mo
kind/bug
triage/support
lifecycle/stale
collaborator-last
recv
3509 Provide a separate manifest for the cert-manager Namespace resource 9mo 4d 9mo
kind/feature
priority/important-longterm
lifecycle/stale
collaborator-last
recv
3445 Connection refused for cert-manager-webhook service
2
10mo 4d 10mo
triage/support
lifecycle/stale
collaborator-last
recv
recv-q
3377 CertManager does not install with default settings
4
11mo 4d 11mo
kind/bug
priority/important-soon
lifecycle/stale
recv
recv-q
3020 Ability to convert resources in acme.cert-manager.io group 1y 4d 1y
kind/bug
priority/important-soon
lifecycle/stale
collaborator-last
recv
2941 Detect multiple certs pointed to the same secret
2
1y 4d 1y
kind/feature
priority/important-longterm
lifecycle/stale
area/monitoring
collaborator-last
recv
2926 Add an ability to communicate with Vault via mTLS 1y 4d 1y
kind/feature
priority/important-longterm
lifecycle/stale
area/vault
collaborator-last
pr-unreviewed
recv
551 Documentation on how to handle large-scale certificate management & best practices
2
4mo 4mo 4mo
help wanted
priority/important-longterm
kind/documentation
contributor-last
recv
480 Secret gets UID added to end of name 6mo 5mo 6mo
triage/support
contributor-last
recv
recv-q
76 Upgrading from v0.10 to v0.11 - missing cainjector annotation 2y 1y 2y
priority/backlog
kind/documentation
contributor-last
recv
56 Route53: document use of "region" field 2y 5mo 2y
documentation
priority/important-longterm
contributor-last
recv
recv-q
105 previously listed items omitted

Important soon, but no updates in 90 days (10)

Resolution: Downgrade to important-longterm

Average age: 483.0d, Avg wait: 26.3d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
459 cert manager is no longer on the OpenShift operator list 6mo 5mo 6mo
priority/important-soon
assigned
assignee-updated
commented
member-last
send
320 Document how to install cert-manager using gitops and known issues with particular gitops implementations
1y 3mo 1y
documentation
priority/important-soon
commented
contributor-last
262 [DOCS]: Add info on how to customize kind CertManager when using OperatorHub method on Openshift
1y 8mo 1y
kind/feature
priority/important-soon
author-last
commented
recv
recv-q
229 Documenting resolution for DigitalOcean + HTTP01 "connection timed out" error 1y 1y
priority/important-soon
kind/documentation
contributor-last
198 Document release process 1y 1y 1y
priority/important-soon
kind/documentation
assigned
commented
member-last
send
195 Document keystores 1y 3mo 1y
priority/important-soon
kind/documentation
commented
member-last
send
174 Add documentation for CRD conversion webhook ca injection 1y 1y 1y
help wanted
priority/important-soon
kind/documentation
commented
member-last
send
144 Improve webhook debugging info
2y 3mo 1y
priority/important-soon
kind/documentation
commented
member-last
pr-merged
send
similar
90 Document Certificate Subject Changes 2y 7mo 7mo
help wanted
good first issue
priority/important-soon
collaborator-last
commented
similar
69 SelfSignedIssuer configuration - API reference docs 2y 1y 1y
help wanted
good first issue
priority/important-soon
kind/documentation
commented
member-last
send

Important longterm, but no updates in 180 days (5)

Resolution: Downgrade to backlog

Average age: 507.0d, Avg wait: 0.0d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
2178 Handling 'unregistering' certificates from Venafi TPP
3
2y 9mo 9mo
lifecycle/frozen
kind/feature
priority/important-longterm
area/venafi
collaborator-last
commented
send
401 Bring tutorials up to date 8mo 7mo
priority/important-longterm
223 Document wildcard certificate tutorial 1y 1y 1y
priority/important-longterm
kind/documentation
commented
contributor-last
send
178 Order of versions of cert-manager in menu 1y 1y 1y
priority/important-longterm
kind/documentation
commented
contributor-last
send
154 Documenting repo management process 2y 1y 2y
priority/important-longterm
kind/documentation
commented
contributor-last
send

Pull Requests: Review Ready (19)

Resolution: Review requests or mark them as do-not-merge/work-in-progress

Average age: 52.6d, Avg wait: 41.0d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
4465 Clouldflare: Show API error messages (e.g., invalid access token) 3d 3d 3d
release-note
size/S
needs-ok-to-test
area/acme
dco-signoff: yes
area/acme/dns01
needs-kind
collaborator-last
recv
unreviewed
4027 bug: Don't sort json patch operations 4mo 3d 4mo
size/XS
release-note-none
approved
kind/bug
lifecycle/stale
dco-signoff: yes
ok-to-test
collaborator-last
commented
new-commits
recv
4339 Add option to override the whitelist-source-range nginx ingress annotation for http01 solvers
2
5wk 4d 4d
size/L
release-note
area/api
area/acme
dco-signoff: yes
ok-to-test
area/acme/http01
area/deploy
needs-kind
assigned
assignee-updated
author-last
commented
recv
reviewed-with-comment
4456 Vault internal client should check health conn err before checking response status 5d 4d 4d
release-note
approved
size/S
kind/bug
area/vault
dco-signoff: yes
assigned
assignee-updated
collaborator-last
commented
new-commits
4209 Auto generate README.md, Chart.yaml, values.schema.json and values.yaml using tem & helm-jsonschema-gen
3
2mo 6d 9d
release-note
approved
kind/feature
size/XXL
dco-signoff: yes
ok-to-test
area/deploy
commented
contributor-last
recv
reviewed-with-comment
4419 Add Certificate RenewBefore prometheus metrics 2wk 8d 2wk
size/L
release-note
needs-ok-to-test
dco-signoff: yes
area/testing
area/monitoring
needs-kind
assigned
author-last
new-commits
recv
recv-q
4408 Adds generate completion scripts for bash, zsh, fish, and powershell 3wk 17d
size/L
release-note
approved
kind/feature
dco-signoff: yes
collaborator-last
unreviewed
4409 CLI runtime object completion 3wk 3wk 3wk
release-note
size/XL
approved
kind/feature
dco-signoff: yes
area/testing
area/ctl
commented
member-last
open-milestone
unreviewed
4287 Acme http challenge custom dns 7wk 4wk 7wk
size/L
release-note
area/api
needs-ok-to-test
area/acme
dco-signoff: yes
area/testing
area/acme/dns01
area/acme/http01
area/deploy
needs-kind
collaborator-last
recv
unreviewed
4330 Add client certificate auth method for Vault issuer 5wk 4wk 5wk
release-note
size/XL
area/api
needs-ok-to-test
area/vault
dco-signoff: yes
area/deploy
needs-kind
author-last
recv
unreviewed
4329 [Helm Chart] Add optional service annotations 5wk 5wk 5wk
release-note
size/S
needs-ok-to-test
dco-signoff: yes
area/deploy
needs-kind
assigned
author-last
recv
reviewed-with-comment
similar
4145 Allow additional namespaceSelector matchExpressions to be configured on ValidatingWebHook 2mo 2mo 2mo
size/XS
release-note
kind/feature
dco-signoff: yes
ok-to-test
area/deploy
assigned
assignee-updated
author-last
commented
recv
recv-q
unreviewed
701 Issuer with IRSA needs ambient credentials flag 7d 2d 7d
dco-signoff: no
size/XS
needs-ok-to-test
assigned
author-last
recv
recv-q
unreviewed
700 DNS01 webhooks : add cert-manager-alidns-webhook 9d 4d 9d
size/XS
dco-signoff: yes
needs-ok-to-test
assigned
author-last
recv
recv-q
unreviewed
669 kubectl --export is deprecated
6wk 4wk 5wk
dco-signoff: yes
size/S
ok-to-test
assigned
commented
contributor-last
recv
recv-q
reviewed-with-comment
687 Update faq/kubed.md: Fix deprecated API in v1.22 (networking.k8s.io/v1beta1) 5wk 5wk 5wk
size/XS
dco-signoff: yes
needs-ok-to-test
contributor-last
recv
recv-q
unreviewed
451 update to ingress. 6mo 3mo 6mo
dco-signoff: no
size/XS
needs-ok-to-test
contributor-last
recv
unreviewed
528 Update "Setting Nameservers for DNS01 Self Check" example 5mo 5mo 5mo
size/XS
dco-signoff: yes
needs-ok-to-test
contributor-last
recv
unreviewed
48 Add kms/pgp bootstrapping commands for signing 2d 2d
dco-signoff: yes
approved
size/XL
contributor-last
unreviewed

Unkinded Issues (77)

Resolution: Add a kind/ or triage/support label

Average age: 172.5d, Avg wait: 69.1d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
4466 OpenShift 4.8 - OperatorHub shows false version? 2d 2d 2d
recv
3849 Make debugging e2e tests locally easier 5mo 4d
priority/backlog
lifecycle/stale
area/testing
collaborator-last
3808 Supporting traefik IngressRoute objects?
4
5mo 3d 5mo
priority/important-longterm
area/ingress-shim
commented
send
3555 Venafi E2E tests are all failing
8mo 4d 7mo
priority/important-soon
lifecycle/stale
area/testing
area/venafi
collaborator-last
commented
pr-merged
3451 Move repo to cert-manager/cert-manager 10mo 6wk 6wk
priority/important-soon
Epic
assigned
assignee-updated
commented
member-last
send
3325 Waiting for HTTP-01 challenge propagation: wrong status code '404', expected '200'
9
11mo 3d 3mo
priority/backlog
lifecycle/stale
collaborator-last
commented
send
similar
3067 Reviewing 'minimum certificate duration' requirements and handling
1y 4d 1y
area/api
priority/important-longterm
lifecycle/stale
collaborator-last
commented
open-milestone
pr-closed
pr-merged
send
2996 cainjector pod restart many times of V0.15.1
2
1y 4d 1y
lifecycle/stale
triage/needs-information
area/cainjector
collaborator-last
commented
recv
recv-q
354 DigitalOcean access-token should not be base64-encoded 11mo 7mo 10mo
priority/awaiting-more-evidence
author-last
commented
recv
344 Add docs to explain webhooks 11mo 5mo
help wanted
good first issue
priority/important-longterm
contributor-last
2 Set up periodic job to publish an experimental release build
2y 4mo
priority/backlog
assigned
contributor-last
66 previously listed items omitted

Unprioritized Recent Issues (179)

Resolution: Add a priority/ or triage/ label

Average age: 125.4d, Avg wait: 68.4d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
4468 "NoCredentialProviders" error from route53 solver 1d 1d 1d
kind/bug
recv
4457 Fix golint errors 5d 4d 4d
good first issue
kind/cleanup
assigned
assignee-updated
commented
contributor-last
4454 Add certificate issuer / issuer type in prometheus metrics
5d 5d 5d
kind/feature
recv
similar
4452 Error initializing issuer: context deadline exceeded 6d 5d 6d
kind/bug
recv
175 previously listed items omitted

Uncommented Recent Issues (4)

Resolution: Add a comment

Average age: 4.0d, Avg wait: 3.8d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
4 previously listed items omitted: #4468 #4466 #4454 #4452
New, has multiple reactions, but not important-soon: No matching items
New, has multiple commenters, but not important-soon: No matching items

needs information, has update (3)

Resolution: Comment and remove triage/needs-information tag

Average age: 322.8d, Avg wait: 294.8d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
3611 Order expires on renew
7mo 4d 7mo
kind/bug
lifecycle/stale
triage/needs-information
collaborator-last
commented
recv
3534 cert-manager tries to follow CNAME while "cnameStrategy" is set to "None" 8mo 4d 7mo
kind/bug
lifecycle/stale
triage/needs-information
collaborator-last
commented
recv
2996 cainjector pod restart many times of V0.15.1
2
1y 4d 1y
lifecycle/stale
triage/needs-information
area/cainjector
collaborator-last
commented
recv
recv-q

Recently updated issue has a question (35)

Resolution: Add an answer

Average age: 414.5d, Avg wait: 170.3d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
4459 Should Changing Key usages on a Certificate trigger a re-issue?
5d 4d
good first issue
kind/feature
priority/backlog
pr-closed
recv-q
3689 Certificate cannot be created because of attempts to create Order resources that already exist (on OVH)
4
7mo 3d 3mo
help wanted
kind/bug
priority/important-longterm
lifecycle/stale
collaborator-last
commented
recv-q
send
3601 Missing nodeSelector on challenge pods
4
8mo 4d 7mo
kind/bug
triage/support
lifecycle/stale
commented
pr-closed
recv-q
send
3578 problem with kubernetes v 1.19 challange get 404 expected 200
3
8mo 4d 8mo
triage/support
lifecycle/stale
collaborator-last
commented
recv
recv-q
3437 DNS-01 webhook improvements 10mo 4d
kind/feature
priority/backlog
lifecycle/stale
Epic
collaborator-last
open-milestone
pr-unreviewed
recv-q
3388 https://...svc/mutate?timeout=10s: Service Unavailable 11mo 4d 10mo
triage/support
lifecycle/stale
collaborator-last
commented
recv-q
send
3363 Vault Issuer with Kubernetes authentication cannot be automated via Helm
9
11mo 4d 10mo
kind/bug
priority/important-longterm
lifecycle/stale
area/vault
collaborator-last
commented
recv-q
send
similar
3133 Failed calling webhook "webhook.cert-manager.io"
4
1y 4d 11mo
triage/support
lifecycle/stale
collaborator-last
commented
recv-q
send
similar
3009 Using workload identity instead of exporting service account keys on GKE
5
33
1y 4d 1y
help wanted
kind/feature
priority/important-longterm
lifecycle/stale
collaborator-last
commented
recv-q
send
3007 Creating Issuer with self CA is failing
1y 4d 1y
triage/support
commented
recv-q
send
2969 Vault ClusterIssuer with Kubernetes authentication not possible?
1y 4d 1y
triage/support
priority/awaiting-more-evidence
lifecycle/stale
collaborator-last
commented
recv
recv-q
similar
2959 certificate letsencrypt-staging is in status false ... 1y 4d 1y
triage/support
lifecycle/stale
collaborator-last
commented
recv
recv-q
2906 Add Subject Key Identifier to Certificate CRD
1y 3d 1y
kind/feature
priority/important-soon
lifecycle/stale
area/ca
collaborator-last
commented
recv-q
send
similar
2902 Cannot decrypt PKCS12 keystore
3
1y 4d 1y
kind/bug
priority/important-soon
lifecycle/stale
collaborator-last
commented
recv
recv-q
2899 CA-injector doc updates( was Webhook patching infinite loop)
1y 4d 1y
kind/bug
priority/awaiting-more-evidence
lifecycle/stale
area/cainjector
collaborator-last
commented
recv
recv-q
2877 E2E: [Conformance] Certificates with issuer type ACME DNS01 Issuer should issue a basic, defaulted certificate for a single commonName and distinct dnsName defined by an ingress with annotations 1y 4d 1y
priority/important-longterm
lifecycle/stale
area/acme
kind/flake
collaborator-last
commented
recv-q
2817 cainjector fails to start: MutatingWebhookConfiguration not found 1y 4d 1y
kind/bug
priority/important-longterm
lifecycle/stale
area/deploy
collaborator-last
commented
recv-q
send
2768 Pass only role name and not full ARN for kube2iam
1y 4d 1y
kind/feature
priority/awaiting-more-evidence
lifecycle/stale
area/acme/dns01
collaborator-last
commented
recv
recv-q
2763 Creating ingress-shim equivalent for Istio gateway resources 1y 4d 1y
good first issue
kind/design
kind/feature
priority/backlog
lifecycle/stale
area/ingress-shim
collaborator-last
commented
recv-q
send
2727 Add per-domain ACME metrics for requests 2y 4d 1y
kind/feature
priority/awaiting-more-evidence
lifecycle/stale
area/monitoring
collaborator-last
commented
recv
recv-q
2722 Inject CA certificate into Secrets with cainjector
9
2y 3d 11mo
kind/feature
priority/awaiting-more-evidence
commented
recv-q
send
similar
2636 Certificate stuck in issuing state
2y 4d 1y
area/api
kind/bug
priority/awaiting-more-evidence
lifecycle/stale
collaborator-last
commented
recv-q
send
similar
2478 Allow CA issuer secret rotation
6
2y 4d 9mo
kind/feature
priority/important-longterm
lifecycle/stale
area/ca
collaborator-last
commented
open-milestone
recv-q
send
2377 Istio Node Agent Integration 2y 4d 2y
kind/feature
priority/important-longterm
lifecycle/stale
collaborator-last
commented
recv-q
send
2332 Private ACME authority aka custom root certificate for ACME
7
2y 4d 2y
good first issue
help wanted
kind/feature
priority/backlog
lifecycle/stale
area/acm