Once every quarter, look for stale issues, reprioritize, and de-duplicate.

Issues nearing expiration (27)

Resolution: Close or label as frozen

Average age: 270.4d, Avg wait: 101.7d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
6662 support overriding of ttl in cloudflare 3mo 14h 3mo
kind/feature
lifecycle/stale
recv
6653 configuration options for certificate chain 3mo 5d 3mo
kind/feature
lifecycle/stale
recv
similar
6652 Support for GCP Multi Cluster Gateway and HTTP01
3mo 6d 3mo
kind/feature
lifecycle/stale
recv
6640 Intermittient DNS problem: networking error looking up CAA for xxx 3mo 9d 3mo
kind/bug
lifecycle/stale
collaborator-last
recv
6633 Error from server: request to convert CR from an invalid group/version: cert-manager.io/v1alpha2 3mo 11d 3mo
lifecycle/stale
collaborator-last
recv
6625 Terraform helm provider Chart.yaml file missing 3mo 12d 3mo
kind/bug
lifecycle/stale
collaborator-last
recv
6622 `make update-licenses` is non-deterministic. 3mo 15d
kind/bug
lifecycle/stale
collaborator-last
6616 Certificate Issue in Bare metal server - http01 3mo 16d 3mo
lifecycle/stale
collaborator-last
recv
6615 HTTP01 Config Map Challenge Flow
2
3mo 17d 3mo
kind/feature
lifecycle/stale
collaborator-last
recv
6602 Cert manager not retrying after initial issuance is failed 3mo 19d 3mo
kind/bug
lifecycle/stale
collaborator-last
recv
6594 Waiting for DNS-01 challenge propagation: DNS record for 'hmccloud.com' not yet propagated.
3mo 2wk 3mo
kind/bug
lifecycle/stale
collaborator-last
recv
similar
6580 Warn users not to use insecure TSIG algorithms when using DNS UPDATE and ACME DNS01
3mo 3wk
lifecycle/stale
collaborator-last
pr-merged
6536 challenge stuck in pending state - certifcate never gets ready
4mo 3wk 4mo
kind/bug
lifecycle/stale
collaborator-last
recv
recv-q
6510 DNS-01 challenge propagation | NS ns-512.awsdns-00.net.:53 returned REFUSED for _acme-challenge ....
2
5mo 7h 5mo
kind/bug
lifecycle/stale
commented
recv
6457 Error from server (InternalError): Internal error occurred: failed calling webhook "webhook.cert-manager.io": failed to call webhook: Post "https://cert-manager-webhook.cert-manager.svc:443/mutate?timeout=10s": No agent available 5mo 11d 5mo
lifecycle/stale
collaborator-last
commented
send
similar
6378 Renewal fails during aws-privateca-issuer downtime, continues to fail after issuer returns to service
11
6mo 18d 6mo
kind/bug
lifecycle/stale
recv
6269 Allow hardcoded JKS and PKCS#12 passwords
4
8mo 5h 7mo
good first issue
kind/feature
lifecycle/stale
commented
pr-reviewed-with-comment
recv-q
6141 Consider exposing previous certificates/keys in the kubernetes secret so that workloads can implement a grace period when a certificate rotates
3
10mo 7d 10mo
kind/feature
lifecycle/stale
collaborator-last
commented
recv
recv-q
6138 allow unencrypted private keys for PKCS12 output
4
10mo 4wk 10mo
kind/feature
lifecycle/stale
collaborator-last
recv
5882 Duplicate events
1y 8d 3mo
kind/bug
lifecycle/stale
assigned
assignee-updated
collaborator-last
commented
5430 Improving DNS-01 challenge performance
4
2y 18d 2y
kind/feature
lifecycle/stale
collaborator-last
pr-closed
pr-unreviewed
recv
5298 Complete the Migration Away From Jetstack Names 2y 13d 3mo
kind/cleanup
lifecycle/stale
collaborator-last
commented
4191 Setting default values for Pod's "resources"?
6
2y 3wk 3mo
lifecycle/stale
collaborator-last
commented
4330 Add client certificate auth method for Vault issuer
4
2y 5h 1y
release-note
needs-rebase
approved
area/api
kind/feature
size/XXL
lifecycle/stale
area/acme
area/vault
dco-signoff: yes
area/testing
ok-to-test
area/deploy
commented
contributor-last
open-milestone
recv
recv-q
reviewed-with-comment
similar
5743 Add MaxPathLen and add EncodeBasicConstraintsInRequest option to Certificate and CertificateRequest resources 1y 5h 4mo
size/L
release-note
needs-rebase
area/api
kind/cleanup
lifecycle/stale
dco-signoff: yes
area/testing
ok-to-test
area/deploy
commented
contributor-last
open-milestone
recv-q
reviewed-with-comment
send
6576 Allow customizing labels copied from ingresses to certificates 3mo 18d 3mo
release-note
area/api
needs-ok-to-test
size/M
lifecycle/stale
dco-signoff: yes
needs-kind
collaborator-last
recv
unreviewed
6228 Issue 5514 read cabundle from kube objects - design doc
3
9mo 3wk 7mo
size/L
release-note-none
kind/design
needs-ok-to-test
lifecycle/stale
dco-signoff: no
collaborator-last
commented
new-commits
open-milestone
recv
recv-q
Features that deserve a follow-up comment: No matching items

Features that have not been commented on within 90 days (4)

Resolution: Comment or close the issue

Average age: 978.3d, Avg wait: 0.0d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
4349 allowing greater configuration for the cloud provider tests
2y 2y 2y
lifecycle/frozen
kind/feature
collaborator-last
commented
send
3521 Integration with ExternalDNS
4
36
3y 1y 2y
help wanted
lifecycle/frozen
kind/feature
priority/important-longterm
commented
recv-q
send
155 Add 'unreleased version' & 'old version' warning banner to non-latest versions of docs 4y 3y 3y
kind/feature
priority/backlog
collaborator-last
commented
send
278 Add Helm option to create RBAC allowing approval for all issuers
6mo 6mo 6mo
kind/feature
good first issue
commented
member-last
send

Bugs that deserve a follow-up comment (10)

Resolution: Comment or close the issue

Average age: 292.4d, Avg wait: 179.3d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
6753 reflector.go: nable to sync list result: internal error: cannot cast object DeletedFinalStateUnknown
4
2mo 2mo 2mo
kind/bug
author-last
recv
recv-q
6741 ACME account private key and URI are not updated if the path of the ACME server is changed
5
2mo 2mo 2mo
kind/bug
recv
6673 Missing RBAC permissions for kubernetes serviceaccount against Vault issuer.
2mo 2mo 2mo
kind/bug
recv
6632 Vault Issuer: The CA full chain is not included into the ca.crt
3mo 2mo 3mo
kind/bug
commented
recv
recv-q
6473 Ingress labels copied to certificate, causing issues with applysets
2
5mo 2mo 5mo
kind/bug
author-last
pr-unreviewed
recv
6230 cert-manager DDoSes DNS-01 solver - infinite rate limiting
9mo 2mo 9mo
kind/bug
area/acme/dns01
recv
recv-q
6065 acme-http01-edit-in-place is ignored when edit ingress resource - has to be re-added
2
2
9
11mo 2mo 11mo
kind/bug
pr-unreviewed
recv
recv-q
5864 Certmgr allows creating certificates expiring after ca expiration.
4
1y 2mo 1y
kind/bug
author-last
recv
5486 Aggressive Retries from "error instantiating route53 challenge solver"
4
2y 2mo 2y
kind/bug
recv
recv-q
similar
4749 rfc2136 seems to not work with deep subdomains 2y 2mo 2y
kind/bug
area/acme/dns01
commented
recv
recv-q

Bugs that have not been commented on within 60 days (20)

Resolution: Comment or close the issue

Average age: 458.9d, Avg wait: 89.6d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
6721 cmctl check api should fail unless the webhook is configured 2mo 2mo 2mo
kind/bug
commented
member-last
send
6714 mismatched between certificate and secret can DOS Kubernetes 2mo 2mo 2mo
kind/bug
commented
member-last
send
6215 The default `Cluster Resource Namespace` is `kube-system`, not `cert-manager` 9mo 2mo 2mo
kind/bug
collaborator-last
commented
send
similar
6195 logLevel information in logs
9mo 2mo 2mo
kind/bug
commented
member-last
send
5867 Controller can't handle hitting request rate limits of zerossl ACME API
5
12
24
1y 5mo 5mo
lifecycle/frozen
kind/bug
commented
member-last
pr-closed
pr-merged
send
4685 Unexpected EOF during watch stream event decoding: unexpected EOF -- possibly due to api server upgrades / restarts
10
2y 2mo 2mo
lifecycle/frozen
kind/bug
commented
member-last
send
4620 Vault Issuer does not retry signing CertificateRequests if the status is pending
12
2y 2mo 2mo
kind/bug
priority/important-longterm
area/vault
commented
member-last
send
4061 Permission denied errors on AWS cause R53 DDoS
2
2y 2mo 2mo
kind/bug
priority/important-soon
area/acme/dns01
commented
member-last
send
3748 Cert-manager causes API server panic on clusters with more than 20000 secrets.
14
3y 2mo 5mo
kind/bug
triage/needs-information
commented
contributor-last
open-milestone
pr-merged
send
3640 Challenge Records Not Always Cleaned Up
3y 2mo 6mo
kind/bug
priority/important-longterm
area/acme
commented
open-milestone
pr-merged
pr-unreviewed
recv-q
10 previously listed items omitted: #6753 #6741 #6673 #6632 #6473 #6230 #6065 #5864 #5486 #4749

Items that deserve a follow-up comment (115)

Resolution: Comment or close the issue

Average age: 625.3d, Avg wait: 590.2d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
6787 Cert-manager with Cluster API to integrated trusted certificates 2mo 2mo 2mo
recv
6665 Can we add default values in API Reference for cert-manager objects? 2mo 2mo 2mo
recv
6664 Secret doesnt change when I change issuer 3mo 3mo 3mo
recv
3992 Add non-CRD yaml file
4
2y 2mo 5mo
priority/important-soon
area/deploy
author-last
commented
recv
6150 (Cluster)Issuer with vault auth and serviceAccountRef is not accepted by cluster due to audience
3
13
10mo 2mo 7mo
commented
contributor-last
pr-unreviewed
recv
recv-q
1355 Add CA cert to chain tls.crt 4mo 2mo 4mo
recv
1257 ErrRegisterACMEAccount 10mo 10mo 10mo
recv
1241 Remove Bitnami kubeprod as installation method 10mo 10mo 10mo
recv
1101 Feature request for updating documentation. 1y 1y 1y
recv
similar
1063 "Securing Ingresses with Venafi" tutorial contains link to missing manifest
2y 2y 2y
author-last
pr-merged
recv
1062 Document process for offboarding maintainers 2y 2y 2y
recv
similar
1061 Document onboarding process for new maintainers 2y 2y 2y
recv
similar
1054 Run spell checker in a pre-commit hook 2y 2y 2y
good first issue
kind/cleanup
recv
998 Documentation venafi configuration references venafi documentation page which returns 403 2y 2y 2y
contributor-last
recv
993 Document which resources do/do not get garbage collected 2y 2y 2y
good first issue
contributor-last
recv
899 Upgrading from v1.7 to v1.8 check command should exclude null.
2
2y 2y 2y
recv
recv-q
1125 Describe cert-manager feature policy 1y 1y 1y
contributor-last
recv
recv-q
944 Document how to install cert-manager in a different namespace
3
2y 3mo 2y
good first issue
recv
recv-q
866 Securing NGINX-ingress 2y 2y 2y
recv
similar
841 remove dependency on golang from cmctl and kubectl-plugin installation documentation
2y 2y 2y
contributor-last
pr-merged
recv
recv-q
836 Syncing Secrets Across Namespaces
2y 2y 2y
recv
758 API reference docs: enum values not documented with typedef 2y 2y 2y
recv
706 Default key usages 2y 2y 2y
recv
697 [IRSA] Needs `runAsUser: 1001` 2y 2y 2y
recv
693 Azure DNS pod identity incorrectly documents principal_id 2y 5mo 2y
author-last
commented
recv
recv-q
672 List required Google CloudDNS permissions exhaustively 2y 2y 2y
recv
662 Using "azureDNS" for the DNS01 Solver results "Multiple user assigned identities exist, please specify the clientId / resourceId"
2y 2y 2y
recv
645 Investigate & add an FAQ/warning about images rolled back after GitOps upgrade 2y 2y 2y
recv
recv-q
604 Make it so that it is easier to find the doc for fixing webhook issues 2y 2y 2y
contributor-last
recv
850 Document available cert-manager Prometheus metrics
2y 1y 2y
documentation
good first issue
priority/important-longterm
recv
recv-q
similar
554 HTTP Validation, privateKeySecretRef 2y 2y 2y
contributor-last
recv
851 create Cilium ingress tls example
3
2y 2y 2y
assigned
assignee-updated
recv
847 missing documentation/information olm based installation metric prometheus 2y 2y 2y
contributor-last
recv
868 Document RBAC 2y 2y 2y
contributor-last
recv
similar
484 Please add anchor tags to your subheadings
3y 3y 3y
priority/backlog
kind/documentation
commented
contributor-last
pr-merged
recv
568 Add a diagram for LetsEncrypt cert issuance flow to the docs
4
2y 2y 2y
recv
469 DNS01: Delegated Domains for DNS01 example yaml solvers list items 3y 3y 3y
recv
457 cainjector docs are missing the option to inject certs in apiservice resources
3y 3y 3y
recv
354 DigitalOcean access-token should not be base64-encoded 3y 3y 3y
priority/awaiting-more-evidence
author-last
commented
recv
561 Certificate Resources 2y 2y 2y
recv
similar
466 installation/compatiblity 3y 3y 3y
recv
76 Upgrading from v0.10 to v0.11 - missing cainjector annotation 4y 3y 4y
priority/backlog
kind/documentation
contributor-last
recv
244 Populate Subject Fields in Certificate 3mo 2mo 3mo
contributor-last
recv
224 ClusterRole & ClusterRoleBindings for istio-csr 4mo 4mo 4mo
recv
217 Restarting a namespace with 30+ deployments causes errors in istio-csr which tends to reolve after a while. 8mo 4mo 8mo
contributor-last
recv
213 charts.jetstack.io beding cluster presents a challenge and breaks deployment 10mo 10mo 10mo
recv
197 add the compatibility matrix for Kubernetes versions to README 1y 1y 1y
recv
similar
176 certificateDuration is not used for the Istio CSR generated certificate requests 2y 2y 2y
author-last
commented
recv
recv-q
similar
155 Invalid certificate chain when using Vault with Intermediate CA 2y 4mo 2y
recv
recv-q
145 Not able to use Istio-CSR in istio(1.13.*)
2y 2y 2y
author-last
commented
pr-closed
recv
141 Istio-csr pods were hung unable to handle request causes entire cluster downtime for new pods/expired pods. 2y 2y 2y
commented
recv
recv-q
138 istio-csr doesn't retry upon failed certificate requests
2y 1y 2y
contributor-last
recv
137 Documentation on rotating the root certificate
2y 1y 2y
recv
recv-q
211 Add custom annotations to deployment
10mo 3mo 10mo
pr-unreviewed
recv
136 Document available metrics 2y 2y 2y
recv
similar
117 public ca.crt aka caBundle is not being updated/propagated until the cert-manager and istiod components are restarted 2y 2y 2y
recv
113 Integrating with istio helm chart installs
13
2y 8mo 2y
recv
recv-q
108 [doc] confusion with `ca.pem` and Readiness probe failed on ingress and egress gateways 2y 2y 2y
author-last
commented
recv
recv-q
94 Can't get aws pca to work 2y 2y 2y
recv
83 commonName required for AWS PCA 2y 2y 2y
commented
recv
recv-q
132 Allow override of istiod-tls certificate common name in helm chert (for non-standard istiod deployments) 2y 1y 2y
recv
130 Document best-practices for minimal vault role configuration for istio-csr 2y 3mo 2y
recv
recv-q
144 add a support kubernetes client QPS and Burst config 2y 2y 2y
recv
271 Include binary artifacts your releases. 7mo 7mo 7mo
recv
207 Setting .Values.nameOverride makes the pod not have rights to update secret cert-manager-approver-policy-tls
1y 1y 1y
author-last
pr-merged
recv
169 Webhook Custom CA 1y 1y 1y
recv
302 Add matchExpressions to Bundle's spec.target.namespaceSelector
2mo 2mo 2mo
contributor-last
recv
recv-q
301 Add support for kubectl installation 2mo 2mo 2mo
commented
contributor-last
open-milestone
recv
297 Allow all resources to be namespaced 2mo 2mo 2mo
recv
294 Init Container cert-manager-package-debian Helm Chart should allow resource requests and limits 2mo 2mo 2mo
author-last
recv
291 Evaluate trust namespace value as template 2mo 2mo 2mo
recv
281 Issue with CRDs when having trust-manager as chart dependency 3mo 3mo 3mo
recv
276 Improve filtered certs error reporting
4
3mo 3mo 3mo
contributor-last
recv
recv-q
245 Split Bundle controller into multiple controllers
4mo 4mo 4mo
contributor-last
recv
243 More flexible and better organized target specification in API
2
5mo 4mo 4mo
commented
recv
recv-q
227 trust-manager and Kubernetes version compatibility
5mo 5mo 5mo
author-last
recv
recv-q
similar
168 Install in openshift with existing cert-manager operator install 7mo 7mo 7mo
author-last
commented
recv
recv-q
similar
205 Allow to select multiple "trust" namespaces
3
6mo 6mo 6mo
recv
142 expose bundles CRD as release artifact
4
10mo 10mo 10mo
recv
132 Unable to run Trust Manager without cert manager 11mo 11mo 11mo
contributor-last
pr-unreviewed
recv
recv-q
196 Allow TLS to be configured on the admission webhook server 6mo 6mo 6mo
recv
135 Automatic CA rotation support 11mo 11mo 11mo
contributor-last
recv
175 support extra annotations on resoures in helm chart
2
7mo 7mo 7mo
recv
144 Add CertificateRequest as a source
7
10mo 8mo 8mo
commented
contributor-last
pr-merged
recv
similar
58 Support injection pem into an existing configmap
4
2y 4mo 2y
help wanted
good first issue
assigned
assignee-updated
contributor-last
recv
99 Allow removing Bundles whilst keeping the synced CA certs
2
1y 1y 1y
pr-unreviewed
recv
33 Support CRDs as target
4
2y 2y 2y
recv
23 Way to add labels/annotations to target
12
2y 7mo 2y
help wanted
good first issue
recv
131 Feature: per namespace trust bundle
2
11mo 5mo 11mo
author-last
recv
recv-q
134 Volume empty
4
1y 1y 1y
recv
125 Is it too late to align cert-manager annotations? 1y 1y 1y
recv
similar
119 Certificate is re-requested when container restarts 2y 2y 2y
recv
similar
33 New key being used with old certificate 3y 3y 3y
recv
29 Deleting a pod with a cert-manager-csi volume mounted results in the pod termination hanging. 3y 3y 3y
recv
26 Cannot `chmod` a read only filesystem
14
3y 2y 3y
pr-closed
recv
recv-q
21 MountVolume.SetUp failed: cannot set blockOwnerDeletion: cannot find RESTMapping for APIVersion core/v1 Kind Pod 4y 4y 4y
recv
17 ability to specify pod IP in volume attributes
5
4y 3mo 3y
commented
recv
recv-q
136 SubPath support is broken or missing 1y 1y 1y
recv
128 Support all subject attributes
1y 1y 1y
pr-reviewed-with-comment
pr-unreviewed
recv
38 Add Envoy Secret discovery service (SDS) support 11mo 11mo 11mo
recv
19 Add support for certificate expiry configuration
6
2y 11mo 2y
recv
similar
54 Same certificate in path based Routes
3mo 3mo 3mo
recv
46 Ability to configure CertificateRequest revision history limit
2
5mo 5mo 5mo
recv
similar
26 Missing CONTRIBUTING.md
1y 1y 1y
recv
13 Can the plugin be configured to use a wildcard certificate?
2y 1y 2y
pr-unreviewed
recv
recv-q
12 Does this plugin support DNS validation? 2y 2y 2y
recv
42 Monitoring observability for "CertificateRequests" 6mo 5mo 6mo
contributor-last
recv
similar
34 `openshift-routes` doesn't work as expected and isn't suitable for a production environment 9mo 7mo 9mo
author-last
recv
recv-q
30 Installation is only possible in the default `cert-manager` NS
3
10mo 6mo 10mo
contributor-last
pr-closed
recv
recv-q
22 Customize the deployment of cert-manager installed via OLM
5
6
3y 1y 2y
author-last
commented
recv
recv-q
17 Operator prevents passing extraArgs helm value
7
3y 1y 3y
recv
recv-q
3 Restrict operator RBAC permissions 4y 4y 4y
recv
46 Cert-manager operator fails to issue certificates 2y 2y 2y
recv
similar
33 Create e2e test to validate CertificateRequest garbage collection 2y 2y 2y
assigned
recv
60 Support prometheus metrics
3mo 3mo 3mo
recv

Items that have not been commented on within 60 days (166)

Resolution: Comment or close the issue

Average age: 745.9d, Avg wait: 402.8d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
4950 General flakiness of our end-to-end suite
3
2y 2y 2y
lifecycle/frozen
kind/flake
commented
member-last
pr-closed
pr-merged
send
1168 docs: Add info about client side certificate rotation best practices.
23
5y 4y 4y
help wanted
lifecycle/frozen
kind/documentation
priority/backlog
collaborator-last
commented
pr-closed
send
1255 helm install cert-manager with errors 10mo 9mo 9mo
commented
member-last
send
1194 Confusing paragraph - cert-manager integration. 1y 9mo 9mo
documentation
commented
member-last
send
1186 Document that/why we don't use Helm's CRD installation mechanism 1y 9mo 9mo
good first issue
kind/documentation
assigned
assignee-updated
commented
member-last
send
1168 Rendering issues for generated API docs
1y 1y 1y
commented
member-last
pr-merged
1174 Document the docker images and how to find them
1y 1y 1y
good first issue
priority/important-soon
kind/documentation
commented
member-last
send
776 Explain that you can pre-provision a Secret and Certificate.Spec.SecretName can refer to an existing Secret 2y 2y 2y
commented
member-last
send
753 Route53 - AWS IAM Account Setup is confusing
2y 2y 2y
priority/backlog
commented
member-last
send
583 cert-manager with ZeroSSL
45
2y 2y 2y
commented
send
551 Documentation on how to handle large-scale certificate management & best practices
2
3y 1y 1y
help wanted
priority/important-longterm
kind/documentation
commented
member-last
pr-approved
send
543 Add getting started documentation for users who want to quickly use cert-manager to issue LetsEncrypt certificates
4
3y 2y 2y
commented
member-last
send
532 Rework of the landing page (cert-manager.io)
3
3y 2y 2y
help wanted
good first issue
commented
member-last
send
486 OpenShift - broken link
3y 2y 2y
commented
member-last
send
459 cert manager is no longer on the OpenShift operator list 3y 2y 3y
priority/awaiting-more-evidence
assigned
assignee-updated
commented
contributor-last
recv-q
send
similar
425 Document ocspServers 3y 3y 3y
kind/documentation
commented
member-last
414 Explain cert-manager repo structure
2
3y 3y 3y
priority/backlog
kind/documentation
assigned
assignee-updated
commented
member-last
pr-closed
pr-merged
send
401 Bring tutorials up to date 3y 1y 1y
priority/important-longterm
commented
member-last
send
386 Uninstalling on Kubernetes - How to delete all those user created resources?
3y 3y 3y
collaborator-last
commented
send
330 Case for CertificatePrivateKey (encoding, algorithm) is wrong (v1) 3y 3y 3y
collaborator-last
commented
send
326 Securing Ingresses with Venafi 3y 3y 3y
collaborator-last
commented
send
similar
320 Document how to install cert-manager using gitops and known issues with particular gitops implementations
5
3y 6mo 3y
documentation
help wanted
priority/backlog
commented
pr-merged
recv-q
295 Route53 3y 3y 3y
kind/documentation
commented
member-last
send
237 docs for ACMEChallengeSolverHTTP01Ingress doesn't specify what `class` values are available
3y 3y 3y
priority/backlog
kind/documentation
collaborator-last
commented
pr-closed
send
223 Document wildcard certificate tutorial 3y 3y 3y
priority/important-longterm
kind/documentation
commented
contributor-last
send
197 Document ACME account mismatch 4y 3y 3y
good first issue
priority/backlog
kind/documentation
collaborator-last
commented
234 Backup and Restore Resources
3
3y 3y 3y
priority/backlog
kind/documentation
commented
member-last
pr-merged
send
195 Document keystores 4y 1y 3y
priority/important-soon
kind/documentation
commented
contributor-last
send
130 FAQ: How does cert-manager handle ingresses with valid TLS secrets? 4y 3y 3y
help wanted
priority/backlog
kind/documentation
commented
contributor-last
send
56 Route53: document use of "region" field 4y 1y 1y
documentation
priority/important-longterm
commented
contributor-last
send
174 Add documentation for CRD conversion webhook ca injection 4y 3y 3y
help wanted
priority/important-soon
kind/documentation
commented
member-last
send
79 Design for partial automation of release process 2y 2y 2y
commented
member-last
send
42 Publish latest release number as part of creating a final release
2y 2y 2y
commented
member-last
send
31 Move the manual steps of our release process to cmrel commands
2y 2y 2y
commented
member-last
pr-closed
19 Incorrect command line help: should include a --branch argument 3y 3y 3y
kind/cleanup
commented
contributor-last
161 updating ConfigMap data doesn't stop
2y 2y 2y
collaborator-last
commented
send
153 It is possible to have several CAs within the same cluster.
2
2y 9mo 9mo
commented
member-last
send
133 latest supported cert-manager version with cert-manager-istio-csr? 2y 2y 2y
collaborator-last
commented
send
131 metrics to check certificate expiry for istio workloads ? 2y 2y 2y
collaborator-last
commented
send
106 Helm chart is failing with "certificate.spec.revisionHistoryLimit" issue 2y 2y 2y
collaborator-last
commented
send
similar
87 Failing to integrate with GCP CAS
2y 2y 2y
collaborator-last
commented
send
64 Is there way to hot restart envoy proxy using istio-csr? I'm trying to renew root certificate by changing the istio-ca secret manually. The workload does not pick the new root certificate unless I delete the workload pods 2y 2y 2y
commented
send
53 Generate workload certificates with DNS in the SAN 2y 2y 2y
commented
recv-q
send
288 Feature: Take control of approval for the whole cluster
6mo 3mo 3mo
commented
member-last
242 New version of Bundle API
2
2
5mo 3mo 3mo
commented
member-last
send
222 [Feature] - Ability to inject a CA cert into a cert-manager managed secret resource
6
5mo 5mo 5mo
commented
recv-q
send
183 Create trust bundle based on Debian bookworm
11
7mo 5mo 5mo
good first issue
assigned
assignee-updated
commented
member-last
150 Is there a way to specify the domain
9mo 7mo 7mo
commented
member-last
send
63 nit: Rename "Bundle" to "ClusterBundle"
12
2y 5mo 5mo
commented
member-last
open-milestone
send
60 overriding trusted namespace
4
6
2y 1y 1y
commented
recv-q
send
54 Allow auto-trust Bundles tracking a certain Issuer
2
2y 7mo 1y
commented
contributor-last
recv-q
send
44 Specialise `Bundle` for X.509 Certificates 2y 4mo 4mo
commented
member-last
39 Don't sync targets to all namespaces by default
7
2y 5mo 5mo
commented
contributor-last
open-milestone
send
171 E2E Test Cleanup 3mo 3mo 3mo
good first issue
commented
member-last
116 Does csi-driver support Wìndows nodes? 2y 2y 2y
collaborator-last
commented
send
45 Unable to mount and read only file error
4
2y 1y 2y
commented
recv-q
send
42 Intermittent csi-driver-spiffe failure: Unable to mount cert 6mo 6mo 6mo
commented
member-last
send
39 csi-driver-spiffe vs csi-driver
4
11mo 7mo 7mo
commented
member-last
send
39 Support latest cert-manager operator for openshift 7mo 7mo 7mo
commented
member-last
send
similar
38 Route with cert-manager annotations is not created
7mo 4mo 4mo
commented
member-last
send
similar
14 Annotation generates CertificatesRequests repeatedly until blocked by letsencrypt 2y 4mo 4mo
commented
member-last
send
similar
70 OLM deployment with ArgoCD is OutOfSync 2y 2y 2y
commented
send
104 previously listed items omitted
Triage Party v1.4.0