05.09.2019 - Recommended, Kubernetes

Kubernetes Notification: Update cert-manager to prevent SSL invalidation

Let's Encrypt notifies customers that they will start blocking older cert-manager versions as of November 1.

If you are using cert-manager versions older than 0.8.0, they will start to block all traffic from these versions and result in your SSL certificates not working. Cert-manager 0.9.0 is already released and should be updated immediately

 

Affected systems:  


If you have deployed cert-manager with Helm

Most people are familiar with Helm and the deployment of cert-manager through helm charts. And you can easily check if you are affected by typing “Helm list | grep cert-manager” and see what version you are running.  

 

 

Mitigation:

  • Upgrade cert-manager to version 0.9.0 or newer and don’t forget to back-up in case something breaks during the upgrade. 

You can find a guide on upgrading cert-manager here >

Release notes: https://github.com/jetstack/cert-manager/releases  

Helm chart: https://hub.helm.sh/charts/jetstack/cert-manager 

 

You can read more about it here: 

https://community.letsencrypt.org/t/blocking-old-cert-manager-versions/98753 

https://github.com/jetstack/cert-manager/issues/1948 

 

 

Alexander Karlsson Cloud Expert

Don't miss a single update

Subscribe to our newsletter