View Only

MAS Custom Certificates

  • 1.  MAS Custom Certificates

    Posted Thu May 18, 2023 05:02 AM
    Edited by Mohamed Skandaji Thu May 18, 2023 05:18 AM

    Hi All,

    We have a custom certificate IONOS provider, it's recommended to add a new webhook for IONOS to renew the MAS public certificates.
    it's work for me when I create a new project cert-manager and install the operator from
    but I get the error below when I choose to install ibm-cert-manager-operator from Red Hat OperatorHub in ibm-common-services namespace ( as IBM recommended)
    I think it's due to missing RBAC for the Service Account   ibm-cert-manager-controller, please advise?
    cert-manager/challenges "msg"="re-queuing item due to error processing" "error"=" is forbidden: User \"system:serviceaccount:ibm-common-services:ibm-cert-manager-controller\" 
    cannot create resource \"ionos\" in API group \"\" at the cluster scope" "key"="mas-tst-core/tst-cert-public-llhcj-2221398163-4246310490"
    to install IONOS webhook for cert manager :
    Cert manager acme dns01 webhook provider for ionos - GitHub - fabmade/cert-manager-webhook-ionos: Cert manager acme dns01 webhook provider for ionos

    Environment specs:
    OpenShift version 4.8.9
    Maximo Application Suite 8.10
    Manage 8.6

    Mohamed Skandaji