diff --git a/data-plane/config/broker-tls/broker-ingress-tls-certificate.yaml b/data-plane/config/broker-tls/broker-ingress-tls-certificate.yaml index e00754ce9d..8b298cd29e 100644 --- a/data-plane/config/broker-tls/broker-ingress-tls-certificate.yaml +++ b/data-plane/config/broker-tls/broker-ingress-tls-certificate.yaml @@ -26,12 +26,12 @@ spec: app.kubernetes.io/component: kafka-broker-receiver app.kubernetes.io/name: knative-eventing - duration: 2160h # 90d - renewBefore: 360h # 15d + # Use 0m0s so that we don't run into https://github.com/cert-manager/cert-manager/issues/6408 on the operator + duration: 2160h0m0s # 90d + renewBefore: 360h0m0s # 15d subject: organizations: - local - isCA: false privateKey: algorithm: RSA encoding: PKCS1 diff --git a/data-plane/config/channel-tls/channel-ingress-tls-certificate.yaml b/data-plane/config/channel-tls/channel-ingress-tls-certificate.yaml index 4971a7d34d..0896ca68b7 100644 --- a/data-plane/config/channel-tls/channel-ingress-tls-certificate.yaml +++ b/data-plane/config/channel-tls/channel-ingress-tls-certificate.yaml @@ -26,12 +26,12 @@ spec: app.kubernetes.io/component: kafka-channel-receiver app.kubernetes.io/name: knative-eventing - duration: 2160h # 90d - renewBefore: 360h # 15d + # Use 0m0s so that we don't run into https://github.com/cert-manager/cert-manager/issues/6408 on the operator + duration: 2160h0m0s # 90d + renewBefore: 360h0m0s # 15d subject: organizations: - local - isCA: false privateKey: algorithm: RSA encoding: PKCS1 diff --git a/data-plane/config/sink-tls/sink-ingress-tls-certificate.yaml b/data-plane/config/sink-tls/sink-ingress-tls-certificate.yaml index baf6a6ec73..ef20921431 100644 --- a/data-plane/config/sink-tls/sink-ingress-tls-certificate.yaml +++ b/data-plane/config/sink-tls/sink-ingress-tls-certificate.yaml @@ -26,12 +26,12 @@ spec: app.kubernetes.io/component: kafka-sink-receiver app.kubernetes.io/name: knative-eventing - duration: 2160h # 90d - renewBefore: 360h # 15d + # Use 0m0s so that we don't run into https://github.com/cert-manager/cert-manager/issues/6408 on the operator + duration: 2160h0m0s # 90d + renewBefore: 360h0m0s # 15d subject: organizations: - local - isCA: false privateKey: algorithm: RSA encoding: PKCS1 diff --git a/openshift/release/artifacts/eventing-kafka-tls-networking.yaml b/openshift/release/artifacts/eventing-kafka-tls-networking.yaml index a8bbad5d21..fed8dd218c 100644 --- a/openshift/release/artifacts/eventing-kafka-tls-networking.yaml +++ b/openshift/release/artifacts/eventing-kafka-tls-networking.yaml @@ -27,12 +27,12 @@ spec: app.kubernetes.io/component: kafka-broker-receiver app.kubernetes.io/name: knative-eventing - duration: 2160h # 90d - renewBefore: 360h # 15d + # Use 0m0s so that we don't run into https://github.com/cert-manager/cert-manager/issues/6408 on the operator + duration: 2160h0m0s # 90d + renewBefore: 360h0m0s # 15d subject: organizations: - local - isCA: false privateKey: algorithm: RSA encoding: PKCS1 @@ -76,12 +76,12 @@ spec: app.kubernetes.io/component: kafka-channel-receiver app.kubernetes.io/name: knative-eventing - duration: 2160h # 90d - renewBefore: 360h # 15d + # Use 0m0s so that we don't run into https://github.com/cert-manager/cert-manager/issues/6408 on the operator + duration: 2160h0m0s # 90d + renewBefore: 360h0m0s # 15d subject: organizations: - local - isCA: false privateKey: algorithm: RSA encoding: PKCS1 @@ -126,12 +126,12 @@ spec: app.kubernetes.io/component: kafka-sink-receiver app.kubernetes.io/name: knative-eventing - duration: 2160h # 90d - renewBefore: 360h # 15d + # Use 0m0s so that we don't run into https://github.com/cert-manager/cert-manager/issues/6408 on the operator + duration: 2160h0m0s # 90d + renewBefore: 360h0m0s # 15d subject: organizations: - local - isCA: false privateKey: algorithm: RSA encoding: PKCS1