I'm facing a challenge deploying cert-manager to my GKE Autopilot cluster, and despite extensive searching, I can't seem to resolve the issue. I'm using the helm chart for installation with the following command:
```
helm install
cert-manager oci://quay.io/jetstack/charts/cert-manager
--version v1.19.4
--namespace cert-manager
--create-namespace
--set crds.enabled=true
--set startupapicheck.timeout=10m
--set webhook.timeoutSeconds=30
```
The deployment seems fine overall, but I keep encountering a failure with the startupapicheck job. The error message points to an issue with the webhook, stating that it can't verify the TLS certificate due to it being signed by an unknown authority.
I've seen some suggestions about switching to HTTP instead of HTTPS, but that feels like a workaround rather than a solution. I'm looking for help to properly set this up, as this issue is blocking some important tasks for me!
1 Answer
Have you checked out the recommended workaround on the cert-manager website regarding GKE Autopilot? It could save you some headaches!
I actually tried that approach after you mentioned it, and it ended up solving my problem! I had overlooked it before since I didn’t see the specific errors stated, but I really appreciate the nudge!