Last Modified: Oct 19, 2025
Affected Product(s):
BIG_IP_NEXT(SPK) SPK
Fixed In:
1.7.3
Opened: Aug 07, 2023 Severity: 3-Major
When more than one certificate requests for the same certificate are created with the same revision number, f5-cert-manager stops issuing certificate for the affected certificate requests.
F5-cert-manager stops issuing certificate for the affected certificate requests, unless manually delete them.
Created certificate request object fails to be updated in f5-cert-manager controller local cache from syncing with Kubernetes API server within 5 seconds. Some possible causes are: - Kubernetes API server instability - Network latency between Kubernetes API server and f5-cert-manager controller - Connection drop between Kubernetes API server and f5-cert-manager controller
Manually delete the certificate request resources with the same revision number.
As a mitigation, changing all certificates' lifetime to long-lived (360 days) to avoid certificate renew and minimize the chances of issue happening.