Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

OVH API call failed #44

Open
ClemCreator opened this issue Apr 18, 2024 · 1 comment
Open

OVH API call failed #44

ClemCreator opened this issue Apr 18, 2024 · 1 comment
Labels
bug Something isn't working

Comments

@ClemCreator
Copy link

ClemCreator commented Apr 18, 2024

What happened?

E0418 13:17:18.602410 1 controller.go:167] "re-queuing item due to error processing" err="OVH API call failed: GET /domain/zone/MYDN.ovh/status - Get "https://eu.api.ovh.com/1.0/domain/zone/MYDN.ovh/status\": net/http: invalid header field value for "X-Ovh-Consumer"" logger="cert-manager.challenges" key="cert-manager/MYDN-ovh-1-4057160949-2135846745"

Expected Behavior

non error during this process

Steps to reproduce

apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
  name: MYBASEDN-ovh
spec:
  dnsNames:
  - "MYBASEDN.ovh"
  - "*.MYBASEDN.ovh"
  issuerRef:
    name: letsencrypt
    kind: ClusterIssuer
  secretName: MYBASEDN-ovh-tls
---
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
  name: letsencrypt
spec:
  acme:
    server: https://acme-v02.api.letsencrypt.org/directory
    email: [email protected]
    privateKeySecretRef:
      name: letsencrypt-account-key
    solvers:
    - dns01:
        webhook:
          groupName: "dev.MYDN.be"
          solverName: ovh
          config:
            endpoint: ovh-eu
            applicationKeyRef:
              key: applicationKey
              name: ovh-credentials
            applicationSecretRef:
              key: applicationSecret
              name: ovh-credentials
            consumerKeyRef:
              key: consumerKey
              name: ovh-credentials
---	  
apiVersion: v1
kind: Secret
type: Opaque
metadata:
  name: ovh-credentials
  namespace: cert-manager
data:
  applicationKey: "*********************"
  applicationSecret: ""*********************""
  consumerKey: ""*********************""
 ---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  name: cert-manager-webhook-ovh:secret-reader
rules:
- apiGroups: [""]
  resources: ["secrets"]
  resourceNames: ["ovh-credentials"]
  verbs: ["get", "watch"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: cert-manager-webhook-ovh:secret-reader
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: cert-manager-webhook-ovh:secret-reader
subjects:
- apiGroup: ""
  kind: ServiceAccount
  name: cert-manager-webhook-ovh

Versions in use

cert-manager: v1.14.4
K8s Rev: v1.24.4
chart version: 0.6.0

Additional context

No response

Contributing

Vote on this issue by adding a 👍 reaction.
To contribute a fix for this issue, leave a comment (and link to your pull request, if you've opened one already).

@ClemCreator ClemCreator added the bug Something isn't working label Apr 18, 2024
@vkl56
Copy link

vkl56 commented Jan 22, 2025

@ClemCreator Have you find a solution and/or the root cause ?
In my case, it was a bad SOPS encryption so... wrong consumerKey :/

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug Something isn't working
Projects
None yet
Development

No branches or pull requests

2 participants