Hi,
I'm getting this error on the Challenge object
Error presenting challenge: hetzner.acme.example.com is forbidden: User "system:serviceaccount:cert-manager:cert-manager" cannot create resource "hetzner" in API group "acme.example.com" at the cluster scope
Am I missing something about permissions?
The configuration is this below:
apiVersion: v1
kind: Secret
metadata:
name: hetzner-secret-app
type: Opaque
data:
api-key: XXXXXXXBASE64XXXXX=
---
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
name: letsencrypt-staging-app
spec:
acme:
server: https://acme-staging-v02.api.letsencrypt.org/directory
email: info@example.com
privateKeySecretRef:
name: letsencrypt-staging-app
solvers:
- dns01:
webhook:
groupName: acme.example.com
solverName: hetzner
config:
secretName: hetzner-secret-app
zoneName: example.com.
apiUrl: https://dns.hetzner.com/api/v1
---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: cert-staging
namespace: cert-manager
spec:
commonName: example.com
dnsNames:
- example.com
issuerRef:
name: letsencrypt-staging-app
kind: ClusterIssuer
secretName: cert-staging
Hi,
I'm getting this error on the Challenge object
Am I missing something about permissions?
The configuration is this below: