Skip to content

Commit 8636451

Browse files
authored
Merge pull request #70742 from subhtk/OCPBUG20370
OCPBUGS 20370:Added a note in supported ACME challenge types
2 parents 1251322 + b13d5ae commit 8636451

File tree

1 file changed

+7
-0
lines changed

1 file changed

+7
-0
lines changed

modules/cert-manager-acme-challenges-types.adoc

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -12,6 +12,13 @@ HTTP-01:: With the HTTP-01 challenge type, you provide a computed key at an HTTP
1212
+
1313
For more information, see link:https://cert-manager.io/docs/configuration/acme/http01/[HTTP01] in the upstream cert-manager documentation.
1414

15+
[NOTE]
16+
====
17+
HTTP-01 requires that the Let's Encrypt servers can access the route of the cluster. If an internal or private cluster is behind a proxy, the HTTP-01 validations for certificate issuance fail.
18+
19+
The HTTP-01 challenge is restricted to port 80. For more information, see link:https://letsencrypt.org/docs/challenge-types/#http-01-challenge[HTTP-01 challenge] (Let's Encrypt).
20+
====
21+
1522
DNS-01:: With the DNS-01 challenge type, you provide a computed key at a DNS TXT record. If the ACME CA server can get the key by DNS lookup, it can validate you as the owner of the domain.
1623
+
1724
For more information, see link:https://cert-manager.io/docs/configuration/acme/dns01/[DNS01] in the upstream cert-manager documentation.

0 commit comments

Comments
 (0)