Hi,
This config was working fine until last couple of weeks, now when I try to add the annotation to request a certificate, it throws an error.
time="2022-12-13T09:40:09Z" level=debug msg="legolog: [INFO] retry due to: acme: error: 400 :: POST :: https://acme.sectigo.com/v2/OV/newOrder :: urn:ietf:params:acme:error:badNonce :: The Replay Nonce is not recognized"
time="2022-12-13T09:40:24Z" level=debug msg="legolog: [INFO] [seminarlist.domain.de] AuthURL: https://acme.sectigo.com/v2/OV/authz/wTw7rkAoEY67GiXEnEI8RQ"
time="2022-12-13T09:40:24Z" level=debug msg="legolog: [INFO] [seminarlist.domain.de] acme: Could not find solver for: http-01"
time="2022-12-13T09:40:24Z" level=debug msg="legolog: [INFO] [seminarlist.domain.de] acme: Could not find solver for: dns-01"
time="2022-12-13T09:40:33Z" level=debug msg="legolog: [INFO] Deactivating auth: https://acme.sectigo.com/v2/OV/authz/xxxxxxxxxxxxxxxxxxxxxxxx"
time="2022-12-13T10:26:32Z" level=error msg="Unable to obtain ACME certificate for domains \"itswiki.ops-kone.domain.de\": unable to generate a certificate for the domains [itswiki.ops-kone.domain.de]: error: one or more domains had a problem:\n[itswiki.ops-kone.domain.de] [itswiki.ops-kone.domain.de] acme: could not determine solvers\n" providerName=sectigo.acme ACME CA="https://acme.sectigo.com/v2/OV" routerName=websecure-itsops-team-test-itswiki-itswiki-ops-kone-domain-de@kubernetes rule="Host(`itswiki.ops-kone.domain.de`) && PathPrefix(`/`)"
Nothing has changed in the Traefik config, which is basically this:
[certificatesResolvers.sectigo.acme]
email = "itsops@domain.de"
storage = "/certs/sectigo.json"
caServer = "https://acme.sectigo.com/v2/OV"
[certificatesResolvers.sectigo.acme.tlsChallenge]
[certificatesResolvers.sectigo.acme.eab]
kid = "xxxxxxxxxxxxxxxxxxxxxxx"
hmacEncoded = "xxxxxxxxxxxxxxxxxxxxxxx"
And the only thing I needed to do is to add the following annotation:
traefik.ingress.kubernetes.io/router.tls.certresolver: sectigo